Singapore
I'm
Aashish Vivekanand
Cyber Security  Engineer @ Cloudflare | Network and Cloud Security
LinkedIn
linkedin icon
Github
github icon
StackOverflow
stackoverflow icon
npm
npm icon
Aashish Image

A little about me

I am an accomplished cybersecurity and software engineering professional with a strong foundation in Computer Science Engineering from Anna University, Chennai. Currently excelling as a Senior Software Engineer at Proxtera, I lead the development of secure, robust microservices and serverless APIs, focusing on IAM network security and data encryption.

As a distinguished Android Security expert, I have made significant strides in cloud and network security. My expertise extends to digital signature solutions and advanced serverless web application development, with a keen emphasis on internal security audits.

My commitment to cybersecurity shines through my impressive bug bounty achievements. I have actively identified and reported critical vulnerabilities to several organizations, including Jio, HomeCentre Landmark Group India, Mettl, and Singapore's LumiHealth app. My proactive approach to uncovering and addressing complex security risks underscores my exceptional skills in cybersecurity.

Experience
Aug 2024 – Current

Cloudflare

Cybersecurity Engineer


May 2022 – July 2024

Proxtera Pte Ltd

Senior Software Engineer

Architected and implemented microservices and serverless APIs for Proxtera Connect, focusing on robust Identity and Access Management (IAM), network security, and data encryption. I led the integration of Proxtera’s digital commerce offerings with ONDC API and printed the first international trade for a customer. I worked on integrating Singpass and MyInfoBiz APIs to retrieve personal and business data for SME verification in Singapore. Built key components of the SME Financial Empowerment (SMEFE) platform, enhancing financial tools and knowledge for customers. Engaged in R&D for the Monetary Authority of Singapore's Financial Transparency Corridor (FTC) pilot, focusing on improved financial transparency and trade connectivity.

May 2021 – April 2022

Trusted Services Pte Ltd

Cloud Solution Architect

Developed and implemented PAdES-LTA-compliant digital signatures using Singpass. This groundbreaking GovTech-approved project was the first to utilize Python for PAdES-LTA digital signatures, distinguishing it from traditional JAVA/Apache-based methods. PAdES (PDF Advanced Electronic Signatures) enhances PDFs and ISO 32000-1 for advanced signatures, with LTA ensuring long-term validity and integrity.

May 2019 – April 2021

Falaina Pte Ltd

Cloud Solution Architect

Designed and developed Falaina Community Cloud, a serverless modern web application used by Customers/ Internal Employees as a Ticketing, Marketing, and Sales as All in one Portal. Developed Falaina mobile apps and worked on internal security audits for products/projects before delivering them to customers.

December 2017 – April 2019

Deep Identity Pte Ltd

Software Developer (Android) & Mobile/Web  Vulnerability Assessment and Penetration Tester

Designed and developed Data Protection Manager (DPM), an application that actively monitors users from sending sensitive data outside the device. The agent can warn users if they send any PCI/DSS or HIPAA-compliant data. The agent is also capable of blocking internet activity on a per-app basis after repeated warnings. The agent scans in real-time after a photo/screenshot/file is taken/downloaded for sensitive data and reports it back.

Libraries & Apps

ccreward.app

NextJS Webapp

a web app that helps users maximize credit card rewards by providing personalized card comparisons based on spending patterns and merchant codes. Built with Next.js, it ensures privacy by performing all calculations on the user's device, with optional anonymous sign-up.

airport-data-js

NodeJS Library

A comprehensive library providing easy retrieval of airport data based on IATA, ICAO, city codes, country codes, and continents. Ideal for developers building applications related to aviation, travel, and geography.

corporate-taxid-checker-js

NodeJS Library

Tax ID Validator is a robust tool designed for validating various tax identification numbers (TINs), such as GSTIN in India, UEN in Singapore, etc. The tool uses regular expressions and specific validation logic for each type of TIN, ensuring that the input adheres to the expected format and structural rules of the respective issuing authority.

Python Library

A comprehensive Python library providing easy retrieval of airport data based on IATA, ICAO, city codes, country codes, and continents. Ideal for developers building applications related to aviation, travel, and geography in Python.

Bounties

Google

Ranked 2nd in Singapore and 865th globally on the Bug Hunters Leaderboard for identifying a significant privacy issue, classified as Priority P2 and Severity S2, with details currently under private disclosure.

Jio

Reported Information Exposure Through Debug Information (CWE-215) and Business Logic Errors (CWE-840), ranked 35th on Jio's HackerOne leaderboard in India.

Home Centre

Landmark Group India: Exposed a PII vulnerability enabling tracking customer orders, personal details,and purchase information.

Identified a PII exposure compromising thousands of job seekers' resumes, phone numbers, and addresses.

A potential MITM attack was detected due to an expired SSL certificate.

Reported a security flaw in an open endpoint lacking rate limiting/CAPTCHA, risking data scraping abuse.

Awards

Daimler Hackathon

3rd Place in Mobile App Garage 2017, conducted by Daimler India Commercial Vehicles in association with CUIC (Centre for University-Industry Collaboration), Anna University, India

US Consulate Hackathon

1st Place in Cyber-security Hackathon 2016, conducted by the US Consulate and Learning Links Foundation across India
SMART App: This Android app creates a 14-layer secured environment to stream videos. Users of the app are neither allowed to capture the screen nor programmatically record the video; if force recorded, it will be a blank screen. The app does not work on a rooted device or an emulator. The app won first place in the Cyber-Security Hackathon (US Consulate & LLF) - The Hindu News Article

1st Place in both Connect 2016 and Connect 2015, Hackathons organised by the CII Confederation of Indian Industry

SmartSignals - The best project at the state level, organised by the ISSRD International Society for Scientific Research & Development

Education
Sep 2023 – May 2025*
MSc in Cybersecurity
Jul 2013 – May 2017

Anna Univeristy

BE in Computer Science
Publications
IOP Conference Series: Materials Science and Engineering · Jun 1, 2017