π India
π Security Engineer | π‘οΈ Cloud security | βοΈ Backend & Systems Builder
I break systems deliberately β
so they fail safely in the real world.
Iβm a security-first engineer with a strong backend and systems foundation.
I donβt believe in checkbox security. I believe in attack-aware engineering.
My approach is simple but strict:
If a system can be abused, it will be.
So design it assuming an intelligent adversary.
I actively work across:
- Offensive security (how systems break)
- Defensive engineering (how systems survive)
- Backend & infrastructure (where attacks actually land)
- π Security is not a layer, itβs a baseline
- π§ Threat models matter more than tools
- π§ͺ Proof-of-concept is useless without mitigation
- ποΈ Systems should fail safely, not silently
- π€ AI without security is technical debt at scale
Defensive security tooling & automation for modern threats
Focus areas:
- Threat detection logic
- Secure automation
- Practical defense workflows
π https://github.com/sumansingh20/CyberShield?target=https://github.com
A privacy-first, security-centric email system
Designed with:
- Zero-trust mindset
- Attack surface minimization
- Secure auth & storage principles
π https://github.com/sumansingh20/BharatMail?target=https://github.com
Hands-on repository covering:
- Real-world vulnerabilities
- Exploitation techniques
- Secure-by-design fixes
- Web, Network & System Penetration Testing
- Threat Modeling & Risk Analysis
- OWASP Top 10 (Web, API)
- Linux Hardening & Secure Configurations
- Docker & Kubernetes Security
- CI/CD Security Pipelines
- Cloud Security Fundamentals
Tools:
Nmap Β· Burp Suite Β· Metasploit Β· Wireshark Β· Linux
- Secure REST API design
- Authentication & Authorization models
- Role-based & policy-based access control
- Secure data handling & validation
- Microservices security concerns
- High-risk input & boundary defense
Languages:
Python Β· Java Β· Node.js Β· Go Β· C / C++ Β· Bash
- Cloud threat models (AWS / Azure / GCP)
- IAM & permission boundaries
- Secure storage & secrets handling
Databases:
PostgreSQL Β· MySQL Β· MongoDB Β· Redis
- ML-assisted malware detection concepts
- Adversarial attack surfaces in AI systems
- Securing AI pipelines & data flows
- Understanding how AI changes threat models
Libraries:
TensorFlow Β· PyTorch Β· Scikit-learn Β· Pandas Β· NumPy
- Advanced penetration testing methodologies
- Malware behavior & analysis fundamentals
- Secure system design under adversarial conditions
- AI + Cybersecurity intersections
- Turning exploits into engineering rules
- Cybersecurity fundamentals
- Exploit breakdowns
- Secure architecture concepts
- AI security risks & design lessons
(Actively expanding technical writing)
- π« Email β sumantech07@gmail.com
- πΌ LinkedIn β https://www.linkedin.com/in/sumankumar-/
- π§ GitHub β https://github.com/sumansingh20?target=https://github.com
- 𧩠LeetCode β https://www.leetcode.com/sumansingh20
Attackers think in possibilities.
Defenders think in guarantees.
I train myself to think like both.
Secure systems arenβt built by fear β
theyβre built by understanding failure.