Artem Smotrakov

Principal Security Engineer at Riot Games

Greater Dublin Ireland
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Artem Smotrakov is a Principal Security Engineer based in Dublin with 10 years of hands-on experience securing large-scale Java and web ecosystems. He blends deep platform knowledge from Oracle’s Java security libraries with practical SecDevOps and threat modeling work at SAP, Zalando and Riot Games to reduce likelihood and impact of real-world attacks. Artem is a prolific open-source contributor who has hardened widely used projects such as Netty, Bouncy Castle and the Spring Security OAuth implementation, including safer deserialization and HTTP header handling fixes. He builds security tools and processes as well as code-level mitigations, having helped create components like Fosstars for assessing OSS risk and improved the OpenAPI plugin in the w3af scanner. Known for pragmatic, developer-friendly security, he focuses on fixes that both remove vulnerabilities and keep projects usable by upstream communities. Colleagues rely on him to translate complex cryptography and protocol issues into maintainable, testable solutions.
code10 years of coding experience
job15 years of employment as a software developer
bookMaster's degree Informatics, Master's degree Informatics at State University of Nizhni Novgorod named after N.I. Lobachevsky (UNN)
languagesEnglish, Russian, German
stackoverflow-logo

Stackoverflow

Stats
1reputation
0reached
0answers
0questions
github-logo-circle

Github Skills (27)

crypto10
tls1210
python10
apidoc10
web-application-security10
testing10
it-security10
http10
tls1310
java10
security10
post-quantum-cryptography10
mtls10
javas10
deserialization10

Programming languages (9)

JavaShellC++CSCSSCodeQLGoHTML

Github contributions (5)

github-logo-circle
netty/netty

Feb 2020 - Oct 2020

Netty project - an event-driven asynchronous network application framework
Role in this project:
userBackend & Security Engineer
Contributions:23 reviews, 16 commits, 8 PRs in 8 months
Contributions summary:Artem primarily contributed to the security and robustness of the Netty project by addressing vulnerabilities and improving code quality. They implemented tests to ensure correct handling of HTTP headers, specifically focusing on preventing issues related to whitespace in the `Transfer-Encoding` header. The user also suppressed warnings related to weak cryptographic algorithms and fixed multiple issues reported by LGTM, improving code safety and compliance. Furthermore, the user added the `nohttp` check to the build process, ensuring the use of HTTPS over HTTP.
asynchronousasynchronous-networknionettyapplication-framework
andresriancho/w3af

Aug 2018 - Oct 2018

w3af: web application attack and audit framework, the open source web vulnerability scanner.
Role in this project:
userBack-end Developer & Security Engineer
Contributions:34 commits, 15 PRs, 54 comments in 2 months
Contributions summary:Artem primarily contributed to the w3af project by enhancing the OpenAPI plugin, a crucial component for web application security scanning. Their work included adding parameters for the plugin, refining the handling of custom API specifications, and implementing the ability to fuzz headers based on the OpenAPI specifications. The contributions focused on improving the plugin's functionality and accuracy in identifying and testing API endpoints, thereby enhancing the overall security audit capabilities of the w3af framework. Furthermore, the user updated tests and documentation to support their changes.
bugbountyweb-applicationmethodologysecurity-toolsvulnerabilities
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial