Gaurav Gogia is a Senior Software Engineer with 10 years of experience specializing in cloud security, DevSecOps, and research-driven product development from Bengaluru, India. He has built and led research efforts that moved security features from 0-to-1—authoring the majority of mitigation code at Qualys’ TruRisk product and automating vulnerability mapping to keep pace with detection teams. Hands-on across IaC scanners and cloud platforms, he contributed to the widely used Terrascan project to improve detection accuracy, error handling, and test coverage. His background blends digital forensics research (PhD candidate) with applied security engineering, including privacy audits of top health apps and building real-time cloud drift detection. Colleagues describe him as a developer-researcher who pairs rigorous automation with practical mitigations, often turning complex benchmarks into fast, production-ready security policies.
10 years of coding experience
6 years of employment as a software developer
Doctor of Philosophy - PhD Computer Science, Doctor of Philosophy - PhD Computer Science at National Forensic Sciences University (NFSU)
Bachelor's degree BCA, Bachelor's degree BCA at Vivekananda Institute of Professional Studies
High School Diploma Business/Commerce General, High School Diploma Business/Commerce General at DAV Public School, Sahibabad
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Role in this project:
Cloud Engineer / Infrastructure Engineer
Contributions:74 reviews, 56 commits, 97 PRs in 1 year 11 months
Contributions summary:Gaurav primarily focused on enhancing the `terrascan` project's capabilities to detect and report compliance and security violations in Infrastructure as Code (IaC). Their contributions involved implementing features to specify desired categories of violations, fixing bugs, and updating dependencies. They also added numerous test cases and made improvements to error handling and configuration, demonstrating a focus on ensuring the tool's accuracy and reliability.
Mutant is an open-source, garbage-collected programming language that tries to enable security by default.
Contributions:4 releases, 71 commits, 14 PRs in 2 years 10 months
golangmetamorphismsecuritygarbagemutant
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Gaurav Gogia - Senior Software Engineer II at Fujitsu Research