Implemented Kubernetes RBAC, Network Policies, image scanning pipeline, EKS hardening.
Baseline guardrails for GCP using Terraform: logging, segmentation, secure factory.
Automated DevSecOps pipeline: SAST, DAST, IaC scanning, artifact promotion.
Automated Terraform plan, OPA policy check, apply pipelines using GitHub Actions.
Threat modeling for microservices: SAST, DAST, API security tests.
Secure SDLC: developer training, secure code review, threat modeling.