Ananya Tewari

• Conducted manual secure code reviews for 200+ applications, identifying and remediating critical
vulnerabilities including XSS, SQL Injection, and insecure API endpoints.
• Automated and integrated security tools like SAST, SCA, DAST, and container scanning into 30+ CI/CD
pipelines, reducing build-time vulnerabilities by 40%.
• Addressed 100+ secret leakage incidents in GitGuardian, establishing automated processes to manage
exposed credentials securely.
• Enhanced SDLC security maturity by integrating ArmorCode into Source Control Management (SCM),
enabling centralized security control for multi-team projects.
• Delivered security training sessions to 50+ developers, improving adherence to secure coding practices
across teams.
• Conducted internal and external network penetration tests to identify vulnerabilities in infrastructure
components.
• Performed targeted red teaming assessments on critical applications.
• Developed over 100 Go and Python scripts for security automation.

• Reverse engineered 300+ Android applications, uncovering vulnerabilities including unauthorized data
access and insecure API usage.
• Conducted comprehensive penetration testing on 15 high-profile enterprise mobile applications,
collaborating with development teams to implement fixes within SLA timelines.
• Authored detailed security playbooks and created 12+ technical documentation guides, enabling faster issue
identification and resolution.
• Performed dynamic analysis of mobile traffic to discover hidden or undocumented APIs, token flaws, and
weak rate-limiting implementations.
• Used tools like MobSF, JADX, and custom Python scripts to extract endpoints, analyze obfuscation
patterns, and simulate real-world attack scenarios on mobile APIs.
• Helped engineering teams secure API integrations with mobile clients, reducing risk of token abuse and
unauthorized backend access.
• Performed targeted red teaming assessments on critical applications.

• Performed static and dynamic malware analysis for 1, 000+ mobile applications, detecting and mitigating
threats such as ad fraud, spyware, and phishing attacks.
• Led 50+ cybersecurity training sessions on Google Play Protect and secure Android development, achieving
a 90% adoption rate of best practices across teams.
• Spearheaded process improvement initiatives, reducing malware detection turnaround time by 25%.

• Conducted reverse engineering and malware analysis on 500+ Android applications, detecting critical
vulnerabilities affecting millions of end-users.
• Partnered with global teams to enhance the security of 200+ Google Play applications, ensuring compliance
with Google Play Store guidelines.
• Reduced false positive rates in malware detection processes by optimizing tooling and workflows, achieving
a 30% efficiency improvement.