Artem Smotrakov is a Principal Security Engineer based in Dublin with 10 years of hands-on experience securing large-scale Java and web ecosystems. He blends deep platform knowledge from Oracle’s Java security libraries with practical SecDevOps and threat modeling work at SAP, Zalando and Riot Games to reduce likelihood and impact of real-world attacks. Artem is a prolific open-source contributor who has hardened widely used projects such as Netty, Bouncy Castle and the Spring Security OAuth implementation, including safer deserialization and HTTP header handling fixes. He builds security tools and processes as well as code-level mitigations, having helped create components like Fosstars for assessing OSS risk and improved the OpenAPI plugin in the w3af scanner. Known for pragmatic, developer-friendly security, he focuses on fixes that both remove vulnerabilities and keep projects usable by upstream communities. Colleagues rely on him to translate complex cryptography and protocol issues into maintainable, testable solutions.
10 years of coding experience
15 years of employment as a software developer
Master's degree Informatics, Master's degree Informatics at State University of Nizhni Novgorod named after N.I. Lobachevsky (UNN)
Netty project - an event-driven asynchronous network application framework
Role in this project:
Backend & Security Engineer
Contributions:23 reviews, 16 commits, 8 PRs in 8 months
Contributions summary:Artem primarily contributed to the security and robustness of the Netty project by addressing vulnerabilities and improving code quality. They implemented tests to ensure correct handling of HTTP headers, specifically focusing on preventing issues related to whitespace in the `Transfer-Encoding` header. The user also suppressed warnings related to weak cryptographic algorithms and fixed multiple issues reported by LGTM, improving code safety and compliance. Furthermore, the user added the `nohttp` check to the build process, ensuring the use of HTTPS over HTTP.
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Role in this project:
Back-end Developer & Security Engineer
Contributions:34 commits, 15 PRs, 54 comments in 2 months
Contributions summary:Artem primarily contributed to the w3af project by enhancing the OpenAPI plugin, a crucial component for web application security scanning. Their work included adding parameters for the plugin, refining the handling of custom API specifications, and implementing the ability to fuzz headers based on the OpenAPI specifications. The contributions focused on improving the plugin's functionality and accuracy in identifying and testing API endpoints, thereby enhancing the overall security audit capabilities of the w3af framework. Furthermore, the user updated tests and documentation to support their changes.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.