Hi, my name is
Shivam Saraswat.
I build things for security.
I’m a product security engineer (R&D) specializing in building exceptional security solutions. Currently, I’m focused on building dev-centric security products (using shift-left approach) at IKEA.
About Me
Hello! My name is Shivam. As a Security Engineer at IKEA, I engineer and implement innovative security solutions to protect the company’s web and API assets.
My 2+ years of security experience span various domains, including automated vulnerability management, offensive and defensive strategies, and security automation. I’ve secured CI/CD pipelines, improved supply chain security, and implemented Static and Dynamic Application Security Testing (SAST/DAST).
Additionally, I hold a Bachelor of Technology in CSE (Cyber Security and Forensics) from GLA University, along with certifications and publications in cybersecurity.
My goal is to continuously learn and apply new skills and technologies to protect and empower the digital world.
Here are a few technologies I’ve been working with recently:
- Product Security
- Application Security
- DevSecOps
- Cloud Security
- Security Automation (Python, Bash)
- Vulnerability Management
- Git, GitHub
- GitHub Actions
- MongoDB
- Docker
- GCP, AWS
- Swagger, Postman
- Linux, macOS, Windows
- Burp Suite, Nmap, Wireshark, Nuclei, Nessus
Where I’ve Worked
Product Security Engineer @ IKEA
April 2023 - Present
- Architecting Security Solution & Deployment: Engineered Heimdall, an in-house Automated Web and API Security Monitoring Solution, slashing external engagement costs by 20% through improved responsible disclosure programs. Orchestrated cloud deployment using GitHub Actions, Cloud Run, and Artifact Registry, ensuring seamless functionality.
- DevSecOps Scorecard & Platform Engineering: Pioneered a scorecard technique for instant DevSecOps assessment, leading to better decision-making and increased security awareness through a centralized organizational dashboard.
- Collaborative Innovation: Worked with Engineering teams to pioneer R&D efforts to strengthen IKEA’s product security infrastructure, integrating advanced tools into CI/CD pipelines.
- Pioneering Exploration: Collaborated cross-functionally to prototype and implement scalable solutions, driving a cloud-first architecture.
- Automated Vulnerability Management: Streamlined the extraction of critical issues from Google Security Command Center (SCC) with real-time Slack notifications and centralized dashboard visualization, optimizing response time, triaging, follow-ups, and patching.
- Enhanced Cloud Security: Pioneered Access Control Policies for Google Cloud Projects, resolved dangling DNS issues, and formulated Best Practices Policies.
- Detailed Documentation: Thoroughly documented Cloud Security findings, investigations, and research.
- Bug Bounty Program Management: Investigated and resolved multiple issues reported by external Security Researchers through the Bug Bounty program.
- Comprehensive Security Assessments: Conducted regular Penetration Testing, Threat Modeling, and Secure Code Reviews for Internal Products.
- Security Awareness: Delivered 10+ engaging sessions with actionable cybersecurity strategies to non-security co-workers.
Some Things I’ve Built
Featured Project
PYrevDNS
PYrevDNS is a simple tool for performing reverse DNS lookups on IP addresses. Available on PyPI and Docker Hub.
- Python
- DNS
- Docker
Featured Project
Certify - SSL/TLS Certificate Security Analysis Tool
Certify is a powerful and easy-to-use tool designed to check the security of SSL/TLS certificates. Available on PyPI and Docker Hub.
- Python
- TLS
Featured Project
Refinements in Zeek IDS
Designed and implemented custom scripts for improving the logging capability of the Zeek IDS. Also published a paper at an IEEE conference on the topic: Refinements in Zeek Intrusion Detection System.
- Zeek
- IDS
Other Noteworthy Projects
PYrevDNS
PYrevDNS is a simple tool for performing reverse DNS lookups on IP addresses. This tool is useful for network administrators and security professionals to identify the domain names associated with IP addresses.
Certify - SSL/TLS Certificate Security Analysis Tool
Certify is a powerful and easy-to-use tool designed to check the security of SSL/TLS certificates.
PGrab
PGrab is a banner grabber tool used to gather information about a remote server or device, specifically the banner or header information that is sent when a connection is made.
crt.sh Domain Finder
It retrieves all the domains and subdomains associated with a domain using crt.sh certificate transparency logs. It can also be used in conjunction with other tools (such as httpX) to identify which of those domains are live.
WebXCrawler
WebXCrawler is a fast static crawler to crawl a website and get all the links. It is useful for web developers and security professionals to identify the links present on a website. It is built using Python and BeautifulSoup.
SSH Bruteforcer and Bruteforce Detector
It is a tool for brute-forcing the SSH service, allowing for testing and analysis of SSH security measures, and it also comes with an option to detect brute-force attacks against the SSH service.
What’s Next?
Get In Touch
My inbox is always open. Whether you have a question or just want to say hi, I’ll try my best to get back to you!