About me
Hello there! ππ½
Iβm Aseem Shrey β Security Engineer at Scale AI and founder of ShipSecAI, based in San Francisco.
Iβm an Ethical Hacker. Iβve hacked into trillion-dollar entities like the US DoD, American Airlines, and the Government of India, and billion-dollar companies like Google, GM, IBM, and MMT β and have been acknowledged by them. Thatβs how I landed my first security role too: by finding I could delete millions of customer orders at Blinkit.
Specializing in offensive security orchestration and AI-native security systems. From bypassing mobile locks as a kid to building automated security pipelines β the craft has evolved but the drive to break and rebuild systems hasnβt.
I love adventure and travelling. My last trip was to Andamans where I could go for scuba diving. I like to run πββοΈ and swim π but have been lately irregular.
On CyberSecurity
Through these almost 8-10 years ( last 5 years is when I actually got to do something ) of my journey into cybersecurity, I learnt a lot and relearnt even more.
After 5 years at Rippling and Yahoo, I kept seeing the same issue β even with 20+ security engineers and $5M+ budgets, teams couldnβt confidently say if their product features going live were secure or not. Thatβs why I started building ShipSec.ai β Your AI Product Security Engineer. Before ShipSec, I built SecureMyOrg β a CyberSecurity Remote Partner, still serving clients across the US, UK, Singapore, and India.
I understand a lot of challenges that a beginner faces when starting with ethical hacking. To help new people get started into cybersecurity through a proper guided way, I created a youtube channel in Mayβ20, HackingSimplified β now a community of 15,000+ cybersecurity enthusiasts.
CyberSecurity is an ever changing landscape with new threats and bypasses coming everyday. You need to keep yourself updated with the latest trends.
Past Life
Before Scale AI, I was a Security Engineer at Rippling (building vuln management, DAST scanners, and security leaderboards), a security consultant at Yahoo, Senior Information Security Engineer at Gojek (compliance-as-code, red teaming, app pentesting), and Security Engineer at Blinkit β joining as the 2nd member of the security team and shipping things like DNS-as-Code, the G-Shield PR security bot, and Vault-backed temporary DB credentials.
After schooling at DPS RKP, I did my BTech at IIIT-Allahabad, and an MS in Privacy Engineering at Carnegie Mellon University, Pittsburgh.
A few things Iβm proud of
- Spoke at CloudNativeSecurityCon North America 2024
- HackIM CTF β 1st in India, 8th World Rank
- 5th place at CSAW Finals 2017
- Hall of Fame β Digilocker (Government of India)
- DRDO CTF β Top 20
Around the web
Tool Stack
Daily Updates
- YCombinator π§
- HackerNews π°
- Twitter π
Newsletters π°
Blog Stack
- Hosting: Netlify π₯ (prod) / Linux homeserver + Cloudflare Tunnel (dev preview)
- Static Site Generator: Astro π
- Sync: Mutagen (Mac β homeserver, real-time)
- Editor: Visual Studio Code + Claude Code π«
Gadgets
- Computer: MacBook (with Mutagen syncing to a Linux homeserver running Docker + Cloudflare Tunnel for live previews) π»