Product Security Engineer
AppSec • Cloud Security • AI/LLM Security

👤 About Me

I am a Product Security Engineer focused on securing modern applications and cloud-native systems. My work spans application security, cloud infrastructure, and emerging AI/LLM threat models.

• API & Web Security (OWASP Top 10)
• AWS-based architectures
• LLM security, prompt injection, and RAG defenses
• Security automation and developer-first security practices

🛠️ Tech Stack

• Languages: Python, Go, Java, JavaScript, Bash
• Cloud & DevOps: AWS (Lambda, EventBridge, CodeBuild, CloudWatch)
• Security: Burp Suite, Nmap, Semgrep, API Security, Secure Code Review
• Automation: GitHub Actions, GitLab CI, Activepieces
• Other: Docker, Selenium, Postman

🧪 Projects

Oralyzer

Client-side vulnerability scanner for web applications:

• Detects DOM XSS, Open Redirect, and CRLF issues
• Integrates with recon workflows (reconftw)
• Designed for automated security testing use cases

FireEye (AWS Monitoring Toolkit)

• Security-focused AWS monitoring and resource tracking toolkit

Endomorph

• Command-line utility for endianness conversion (C)

📜 Certification

• eWPTX v3 (INE) – Verify

📫 Connect

• Portfolio: https://r0075h3ll.github.io
• LinkedIn: https://linkedin.com/in/r0075h3ll
• Email: hnanda21@gmail.com