I am Pham Viet An - a software engineer that blends into the world of application security with a focus on web security at LY Corporation. My daily responsibilities involve
- Identify vulnerabilities in web and mobile applications, where I have discovered issues including IDOR, XSS, SSRF, RCE, SQLi, NoSQLi, and path traversal.
- Develop automated scripts for thousands of services running on LINE's cloud infrastructure to detect and mitigate security risks, such as log4j vulnerabilities and legacy or insecure libraries like libwebp related libs.
- Manage LINE Corporation's bug bounty program.
- Organize LINE Capture the Flag (CTF) challenges annually.
- Conduct security training sessions for our developers.
I have around 5 years of experience in software development, and 3 years of application security. This background enables me to understand multiple perspectives, allowing me to provide clear explanations and propose the most effective approaches to solving complex problems.
I help secure the world by reporting my findings whenever I found any vulnerabilities in open-sourced packages.