Sanjay Gondaliya

Principal Security Consultant, NotSoSecure

Sanjay has been with NotSoSecure since June 2018 and his work mostly involves Penetration, Testing of web applications,mobile applications (especially Android) and external infrastructures.His work also involves code review for some major clients. These are generally large organisation and ecommerce platforms, that are mostly based in Europe and the US. His trainer work has involved supporting courses at BlackHat Asia and researching and updating the NotSoSecure Advanced Web Hacking training course. Finally, his job involves undertaking various types of research, which is published on the NotSoSecure blog and NotSoSecure’s GitHub Repository. 

Sanjay holds a Master’s degree in Computer Applications gained in 2012 and has 9+ years’ specialist experience in Information Technology. He started off as a developer to develop the web application firewall for the IIS server which protect against the web application vulnerability where he skilled in various programming languages like (, python, ruby, c, c++,Java).  
He then moved to information security where he carried out penetration testing work for Indian, USA and middle east banking clients. He now has extensive penetration testing experience involving web applications, mobile applications and external Infrastructure. He has participated and presented in a number of Null chapters and also participated in Bug Bounty programmes.