Disclaimer: This is my personal blog and my posts/views does not reflect my current or previous Employers.
This blog is a gateway into my brain and life. I try to keep this blog updated with my learnings and help anyone who might find this information useful.
Who am I?
Sumanth is an enthusiastic human who loves to work on cybersecurity, lift weights, hiking and enjoy life in general. If I didn’t bring up biryani my intro would not be complete - I live for biryani! Professional experience in case you are interested.
Product/Feature launches
Over my career I have performed security for multiple products/features I’m going to the list the ones that are public:
- Amazon Photos Gather - Allows customers to upload anonymously to your Amazon Photos account. I influenced and tested the security of this feature.
- Natural language search - This is semantic search which allows customers to search using natural language. This is a massive change in multiple services to support this feature. I influenced and tested the security for this feature.
- Image search - Allows customers to search for a product on Amazon directly from the app. This gets too much heat for what the feature is; don’t believe me look at the network calls.
- Shutterfly X Amazon Photos - Allows customers to print using Shutterfly; It’s a standard OAuth2 implementation with a twist. I made the requirement to expire the consent after 6 months and customers need to consent again after 6 months. Customers often forget to check who has access to their personal data, this is especially disastrous in case of Photos. As a customer I can upload something sensitive without remembering that they have consented to share the data with Shutterfly. This made me campaign for this expectation and its finally live in production. I wish all Oauth2 is like this where expiry can be defined by the customer.
Guiding Philosiphy
I believe digital security is every individual right and I walk towards it one step at a time!
This blog is pretty new so does not contain any info; I need to migrate stuff from my old blog to here. one more to-do lol.