DevSecOps
Securing applications, infrastructure, and game pipelines — from cryptographic key management to anti-tamper systems.
Application Security
› OWASP Top 10 threat modeling and secure code review across Web3 backends (Golang, Node.js) and game clients (C#, Unity)
› Penetration testing methodology covering API endpoints, smart contracts, and client-side attack surface
› SAST/DAST integration into CI/CD (Semgrep, Trivy, SonarQube) for automated vulnerability detection
› Dependency scanning (Dependabot, Renovate) with automated PRs for critical CVEs
› Secrets management (AWS Secrets Manager, Vault, GitHub Secrets) with rotation policies and access audit trails
Game Security
› Anti-cheat and anti-tampering systems for multiplayer games (memory protection, integrity verification, speed-hack detection)
› Reverse-engineering prevention: control flow obfuscation, string encryption, symbol stripping for Unity (Mono/IL2CPP) assemblies
› Asset bundle protection: AES-256 encryption, HMAC signing, signed URL delivery with expiration policies
› Client integrity: jailbreak/root detection, debugger detection, code hooking prevention, certificate pinning
› Secure progression storage with server-authoritative state validation and anomaly detection
Cryptography & Key Management
› Cryptographic key hierarchy design: hot/cold wallet separation, quorum-based signing for high-value transactions
› Key storage: AWS KMS, Secrets Manager, hardware-backed keystores, envelope encryption patterns
› HSM integration and software fallback with audited key rotation policies
› Transaction security: pre-flight simulation, replay protection, rate-limited RPC endpoints with request signing
Cloud Security (AWS)
› IAM: least-privilege policy design, permission boundaries, role-based access across multi-account organizations
› Container security (ECS/EKS): security groups, pod security policies, encrypted task definitions, image scanning in ECR
› Network security: VPC isolation, private subnets, security group micro-segmentation, NAT gateway architecture
› Monitoring & compliance: CloudTrail, Config rules, GuardDuty, Security Hub, automated incident response
› Infrastructure as Code security: Terraform state locking, policy-as-code (Sentinel/OPA), drift detection
CI/CD Security
› Secure pipeline design: branch protection, required reviews, signed commits, gated approvals for production
› Build-time security scanning: dependency vulnerabilities, secret leakage prevention, container image scanning
› Artifact signing and provenance attestation for deployable artifacts
› Deployment security: canary releases, rollback automation, post-deployment validation
Tools & Technologies
› Static Analysis: Semgrep, SonarQube, Trivy, Checkov
› Secrets: AWS Secrets Manager, HashiCorp Vault, GitHub Secrets
› Cloud Security: AWS IAM, GuardDuty, Security Hub, Config, CloudTrail
› Obfuscation: Unity IL2CPP, ConfuserEx, Beebyte
› Blockchain Security: Slither, Echidna, Mythril, go-ethereum
› Compliance: COPPA, GDPR-K, SOC 2 knowledge