Summary
Pavel Kann is a seasoned application security engineer and former QA specialist with 9+ years of hands-on experience in web application assessments, PCI DSS compliance, and secure development lifecycle design. He has progressed from manual QA and black-box testing to senior appsec roles where he wrote CodeQL queries, automated DAST/CI pipelines, and built internal security knowledgebases. As a freelance consultant he triages issues, performs static/dynamic analysis, and produces training materials that translate deep technical findings into actionable developer guidance. Pavel has delivered public-facing workshops, run community channels around CodeQL, and created interactive security training—an indication he values teaching as much as technical rigor. Based in St. Petersburg, he blends practical offensive testing skills (certified ethical hacker) with process improvement and automation experience in container and CI/CD security. A lesser-known but telling detail: his GitHub interests span appsec and music, hinting at a creative streak that complements his methodical security work.
9 years of coding experience
9 years of employment as a software developer
Specialist, Information Security, Specialist, Information Security at Saint Petersburg University for Water Communications
English, Russian