I’m Shasheen Bandodkar
SKILLS & SPECIALTIES
-
SAST (static analysis), SCA (software composition analysis), Secrets Detection (git hooks, CI, runtime)
Container Security (image scanning, CIS benchmarks, supply chain)
API Security & Testing (authN/Z, rate limiting, schema validation)
Secure SDLC / Threat Modeling
CI/CD Security (pipeline hardening, artifact signing)
Dependency Management (SBOM, package pinning)
-
Prompt Injection & LLM Application Security
Model Security
AI Data Security
AI Supply Chain Security
AI Infrastructure Security
AI Red Teaming & Monitoring
-
Reconnaissance & Enumeration
Web App & API Exploitation
Cloud Penetration Testing
Container/Kubernetes Attacks
Social Engineering / Phishing
Password Cracking & Credential Attacks
Threat Intelligence
-
Identity & Access Management (Okta, MFA, SSO, lifecycle automation)
Email Security (DMARC/SPF/DKIM, BEC defense)
Endpoint Security (macOS hardening, EDR, MDM)
Network Access Security (ZTNA, VPN, SSE/SASE)
Data Protection & DLP (Insider-risk monitoring, DSPM)
SaaS Security Posture Management (SSPM, OAuth risk, CASB)
-
Threat Detection Engineering
Alert Triage & Incident Analysis
Threat Hunting
Incident Response Operations
Forensics & Artifact Analysis
Post-Incident Activities & Improvements
WORK
My Approach
“You do not rise to the level of your goals. You fall to the level of your systems.”
“Success depends on our willingness to be wrong — to probe failures, extract their truths, and rebuild stronger than before.”
“The Energy Paradox teaches us that true power comes not from consuming more, but from mastering the hidden rules of efficiency — daring to redesign systems so they produce twice the value with half the input, and in doing so, unlocking prosperity that was always within reach.”
“Build defenses that anticipate tomorrow's threats, not yesterday's headlines, because true security is the courage to shape the future, not the comfort of surviving the past.”