14 years securing cloud environments and applications across AWS and Azure.
I write about the decisions that keep organisations safe — and the ones that don't.
// coming soon
In-depth writing on cloud security, penetration testing, and application security — from 14 years of hands-on work. Follow on LinkedIn to get notified when the first article drops.
Follow on LinkedInAWS and Azure security design, IAM, zero trust, CIS benchmarks, secure landing zones.
Web application VAPT, API security, OWASP Top 10, source code review, Burp Suite, Acunetix.
Penetration testing, red teaming, bug bounty — real-world attack findings and what they reveal.
SIEM, threat intelligence, incident response, Microsoft Sentinel, AWS Security Hub.
HIPAA, SOC2, PCI DSS, ISO 27001 — making compliance actually mean something.
Translating technical risk into business decisions for CxOs and boards.
Husband. Father. Trader. Security Professional.
Outside of security, I spend time with my family, follow the markets, and try to bring the same rigour I apply to threat modelling into everything else I do. Security is what I do — but it is not all that I am.
My career started in IT infrastructure for a Government of India organisation. From there I moved into ethical hacking — training others on how attacks work before spending the next decade using those same techniques professionally.
Over 14 years I have worked across the full security stack — application security testing (Burp Suite, Acunetix, ZAP, source code reviews), cloud security architecture across AWS and Azure, penetration testing, bug bounty programme management, and building threat intelligence pipelines that measurably reduce response times.
I write here to share what that breadth of experience looks like in practice — without vendor marketing, without recycled blog posts, and without making security harder to understand than it needs to be.
For collaborations and feedback on the writing, reach me on LinkedIn.
Connect on LinkedIn