Sam Sanoop is a seasoned Security Engineer with 11 years of experience specializing in application and static-analysis driven security research. Currently splitting time between an engineering role at GitLab and guiding technical strategy as CTO at Fight Division, he brings hands-on expertise from offensive assessments to building defensive tooling. At Snyk he developed datalog-based static analysis rules and large-scale vulnerability triage pipelines, marrying research with practical rule engineering for open-source ecosystems. His open-source work—including intentionally vulnerable projects that demonstrate SQLi, XXE, XSS and API flaws—signals a strong emphasis on security education and reproducible testing. Known for delivering trainings at major conferences and translating complex vulnerability trends into tooling and processes, he uniquely combines consultancy experience with product-focused security engineering.
Contributions:120 commits, 8 PRs, 75 pushes in 3 years 9 months
Contributions summary:Sam contributed a series of code snippets designed to showcase various security vulnerabilities, including resource injection, open redirects, SQL injection, and cross-site scripting (XSS) issues. Their commits demonstrate an understanding of common web application flaws by creating examples in different programming languages such as PHP, Ruby, and JavaScript, and illustrating how to exploit them. This focus on creating vulnerable code suggests a role centered around security testing or educational purposes.
Contributions:2 reviews, 102 commits, 25 PRs in 2 years 9 months
Contributions summary:Sam's contributions primarily focused on implementing and addressing security vulnerabilities within the web services application. They introduced features related to SQL injection, JSON hijacking, XML-based vulnerabilities (XXE, XSS), and path traversal. This user was also responsible for refactoring code and fixing bugs to enhance the overall security posture of the application. They demonstrated a solid understanding of common web application security flaws and their mitigation.
vulnerableapivulnerabilitiessecurityweb-services
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.