Work Experiences

Software Engineer (Full-time) | StepSecurity Inc.

July-2023 to Present

• Responsible for R&D of eBPF-based solutions for network, process and file visibility and policy-enforcement.

• Designed, developed and maintaining a portable eBPF based module with following capabilities,

  • traces every outgoing network-packet
  • traces every dns-resolution
  • can be configured to act as policy-based firewall such that it,
    • blocks dns-resolutions not in allow-policy
    • blocks ip-connections not in allow-policy

• Leading the R&D of eBPF based armour to detect/protect agents from tampering attacks.

• Still contributing/maintaining Harden-Runner.

---

Software Developer (Part-Time) | StepSecurity Inc. |

April-2022 to June-2023

• Responsible for porting runtime-security solution to ARC-based self-hosted runners.

• Implemented eBPF-based HTTPS traffic interception capability in agent.

• Automated implementation of security best‑practices in GitHub Actions workflow files.

• Continued maintenance work on runtime security agent for CI/CD runners.

• Automated the manual-static-analysis process to figure GITHUB_TOKEN permissions for third-party Github Actions.

• Started contributing to Harden-Runner.

---

Software Developer (Intern) | StepSecurity Inc.

January-2022 to March-2022

• Performed source‑code‑analysis of 50+ OpenSource third-Party Github Actions for determining their GITHUB_TOKEN permissions.

  • Stored the analyzed-info in open-source knowledge-Database.

• Raised 15+ PRs in Github-Actions start-workflows to restrict permissions to least-privileges.

  • Resulting in secure-by-default starter-workflow.

• Implemented unit-tests/bug-fixes in step-security agent.