Hi! My name is Charan.

I am Senior Security Engineer at Reddit, with over 14+ years of experience in the software industry. I began my career as a software developer and later transitioned into security due to my strong passion for the field. My main focus is on solving security, compliance, and privacy issues within software architecture. I have a keen interest in Application Security, Cloud Security, Infra Security, Pentesting, Cryptography, AI and Machine Learning. In addition, I hold several security certifications and developer certifications, including AWS Cloud Developer and AWS Security certifications. Furthermore, I have obtained certifications such as GPEN, GCSA, GWAPT, GSSP-Java, and I am a member of the GIAC Advisory Board. 

I discovered critical security misconfigurations in Salesforce that exposed sensitive data, including personal, medical, and financial details, from organizations such as U.S. government agencies, international corporations, banks, hospitals, energy companies, and insurance firms. To address these vulnerabilities, I worked closely with companies like UHG, Delta Dental, Johnson & Johnson, Cracker Barrel, and Schneider Electric to help resolve the issue. I am currently collaborating with multiple organizations and Salesforce to further improve security. My work has been featured in prominent publications such as SCMagazine, Arstechnica, Theregister.com, and KrebsOnSecurity.

In addition, I am working with startup companies to implement best practices in application security, cloud security, and data privacy. Beyond my role as a security engineer, I am also an author and speaker on topics related to security and privacy. Recently, I contributed as an author for O'Reilly, writing a chapter on API security for the book 97 Things Every Application Security Professional Should Know, and I am currently working as an editor for Manning Publications. I have also served as an author and peer reviewer for journals published by IEEE.

I hold a Masters in Computer Science from Gatech. Throughout my career, I have had the privilege of working with esteemed organizations such as Honeywell, ADP, Verizon, ESPN, and Asurion. Additionally, I have been actively involved in cryptography research at JNTUK.

I am dedicated to advancing the field of security and continually seeking innovative solutions to address complex challenges. If you have any questions or would like to discuss potential opportunities, please feel free to reach out to me.