Hello, I am Anshuman, an Information Security professional. Read About Me →
Blog
- The Boring AppSec Podcast S1E08 - Bug Bounties Part 2
- The Boring AppSec Podcast S1E07 - Hiring in Security
- The Boring AppSec Podcast S1E06 - Vulnerability Management
- The Boring AppSec Podcast S1E05 - Threat Modeling
- The Boring AppSec Podcast S1E04 - Running a lean AppSec team
- The Boring AppSec Podcast S1E03 - Bug Bounties
- The Boring AppSec Podcast S1E02 - First Security Hire
- The Boring AppSec Podcast S1E01 - Asset Inventory
- A Guide To Identify Authorization Vulnerabilities At Scale Using Semgrep
- A Guide On Implementing An Effective SAST Workflow
- A Lightweight Approach To Implement Secure Software Development LifeCycle (Secure SDLC)
- Product Security Roadmap
- Building a Product Security program from scratch
- How I ran my first half marathon!
- Ability to send payment requests inspite of being blocked by the recipient
- A CSRF protection bypass technique
- A bug in Facebook that violated my privacy
- Analysis of the BrowserStack breach - A classic example of "Pivoting in the Clouds"
- Security issues with friction-less signup flows
- Performing code review on shell scripts
