Vineeth K

I’m a DevSecOps and Application Security Engineer with a strong foundation in integrating security into the software development lifecycle. With close to 2 years of hands-on experience, I help teams build secure, automated CI/CD pipelines, perform detailed security assessments, and remediate vulnerabilities in web applications and cloud environments.

I specialize in implementing SAST and DAST tools (Fortify, OWASP ZAP, Burp Suite, WebInspect) and automating security gates in CI/CD tools like Jenkins, GitHub Actions, and GitLab. I’ve worked extensively with Java-based applications (Spring Boot) and Python microservices, securing them through code reviews, vulnerability scans, and custom automation scripts.

Whether you need help in identifying and fixing OWASP Top 10 vulnerabilities, setting up security testing in your pipeline, or auditing your infrastructure for risks, I bring a balance of technical depth and practical security understanding. I’m also familiar with secrets management (Vault, Keycloak) and cloud platforms like Azure and Google Cloud (currently expanding into AWS).

My Services Include:

• DevSecOps pipeline setup and automation
• Application security assessment (code & runtime)
• Penetration testing for web apps and APIs
• Vulnerability management and reporting
• Secure code review and threat modeling