Sam Sanoop

Security Engineer at GitLab

United Kingdom
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
Sam Sanoop is a seasoned Security Engineer with 11 years of experience specializing in application and static-analysis driven security research. Currently splitting time between an engineering role at GitLab and guiding technical strategy as CTO at Fight Division, he brings hands-on expertise from offensive assessments to building defensive tooling. At Snyk he developed datalog-based static analysis rules and large-scale vulnerability triage pipelines, marrying research with practical rule engineering for open-source ecosystems. His open-source work—including intentionally vulnerable projects that demonstrate SQLi, XXE, XSS and API flaws—signals a strong emphasis on security education and reproducible testing. Known for delivering trainings at major conferences and translating complex vulnerability trends into tooling and processes, he uniquely combines consultancy experience with product-focused security engineering.
code11 years of coding experience
job4 years of employment as a software developer
github-logo-circle

Github Skills (20)

sql-injection10
javascript10
web-application-security10
it-security10
security10
code-injection10
php10
xss10
vulnerabilities10
nodejs10
api-design9
restful-api9
expressjs9
buffer-overflow9
api-rest9

Programming languages (12)

TypeScriptJavaCSSC++RustSolidityJavaScriptGo

Github contributions (5)

github-logo-circle
A small collection of vulnerable code snippets
Role in this project:
userSecurity Engineer
Contributions:120 commits, 8 PRs, 75 pushes in 3 years 9 months
Contributions summary:Sam contributed a series of code snippets designed to showcase various security vulnerabilities, including resource injection, open redirects, SQL injection, and cross-site scripting (XSS) issues. Their commits demonstrate an understanding of common web application flaws by creating examples in different programming languages such as PHP, Ruby, and JavaScript, and illustrating how to exploit them. This focus on creating vulnerable code suggests a role centered around security testing or educational purposes.
vulnerablesnippets
snoopysecurity/dvws-node

Apr 2020 - Dec 2022

Role in this project:
userBack-end Developer & Security Engineer
Contributions:2 reviews, 102 commits, 25 PRs in 2 years 9 months
Contributions summary:Sam's contributions primarily focused on implementing and addressing security vulnerabilities within the web services application. They introduced features related to SQL injection, JSON hijacking, XML-based vulnerabilities (XXE, XSS), and path traversal. This user was also responsible for refactoring code and fixing bugs to enhance the overall security posture of the application. They demonstrated a solid understanding of common web application security flaws and their mitigation.
vulnerableapivulnerabilitiessecurityweb-services
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial