I currently work as an Application Security Engineer at Bugcrowd, where I triage for numerous Bug Bounty Programmes and develop automation to improve workflows.

Previously, I worked at Postman (they recently crossed 20M users ๐Ÿš€) as a Security Engineer, where I led several security engineering initiatives and handled their Bug Bounty Program. I also led two of the squads responsible for the overall security of the Postman application and its web components.

Before that, I was one of the founding members of CloudSEK, where I helped establish the security program from scratch and built automation pipelines to detect security misconfigurations and web application vulnerabilities.

I occasionally participate in Bug Bounty Programmes and have reported valid security issues to Google, GitHub, Slack, Swisscom, and several other companies. I also won the HackerOne’s CTF in 2017 and participated in the H1-702 live hacking event.

I try to give back to the community whenever I can. Until a few years back, I used to be very active on Stack Overflow (and other Stack Exchange communities). I have managed to provide answers reaching over 5.3 million people. Here’s my Stack Overflow flair:

profile for Amal Murali at Stack Overflow, Q&A for professional and enthusiast programmers

In my free time, I enjoy traveling, hiking, reading, hitting the gym, and playing chess.

Feel free to check out my profile on Stack Overflow, GitHub, and LinkedIn. If you’re feeling social, say hi on Twitter.

Projects

Open Source Contributions

Here are some of my open-source contributions: