Roshan Piyush is a Senior Principal Security Researcher with a decade of hands-on experience building product and API security solutions, leading devsecops, runtime protection, and security research at Harness. He combines deep engineering skills in backend and DevOps—Kubernetes, automation, and secure deployments—with applied research in machine learning for security and hands-on offensive testing. Roshan has driven secure SDLC adoption at enterprises like Ping and Oracle and contributes to notable OWASP projects, including restructuring the crAPI repo and improving the Coraza WAF's rule engine. Colleagues rely on him to translate complex threat models into deployable controls and detection use cases that scale across cloud-native stacks. He’s based in Bengaluru and brings a rare blend of practical exploit knowledge, secure product design, and infrastructure automation to security engineering.
10 years of coding experience
13 years of employment as a software developer
Secondary Education, Secondary Education at De Nobili School
Bachelor's Degree Computer Science and Engineering, Bachelor's Degree Computer Science and Engineering at National Institute of Technology Calicut
Contributions:19 releases, 58 reviews, 127 commits in 2 years 2 months
Contributions summary:Roshan primarily focused on restructuring the repository and improving automation processes. Their work included standardizing Kubernetes deployment configuration, fixing relative paths, and updating documentation. They also implemented improvements to automation scripts and added configurations for various deployments. The user demonstrated a strong understanding of both back-end and DevOps principles by working with deployment scripts, k8s configurations and restructuring the repository.
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
Role in this project:
Back-end Developer & Security Engineer
Contributions:15 reviews, 13 commits, 13 PRs in 8 months
Contributions summary:Roshan contributed to the OWASP Coraza WAF project by optimizing rule matching logic and addressing case-sensitive evaluation issues. They fixed bugs related to include directives and variable negation, improving the WAF's parsing and rule processing capabilities. The contributions also involved adding more comprehensive tests to ensure accurate argument handling and the correct application of security rules.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Roshan Piyush - Senior Principal Security Researcher at Harness