// SELECTED WORK

Selected work.

Three engagement archetypes. Composite cases built from real audit patterns - code samples, attack chains, and remediation steps are drawn from actual work; client names and specific metrics are illustrative.

HELIX (anon) FINTECH
-91% P1 defects in 8 weeks

Series B fintech. Fixed auth-check ordering IDOR, ledger race under concurrent POST /transfer, 72h reset-token TTL drift.

ORBITAL (anon) B2B SAAS
340→80ms time to interactive

B2B analytics SaaS. N+1 on nested org relationships, pathological React re-renders, WebSocket fan-out without backpressure.

TONIQ (anon) HEALTHTECH
0 critical in SOC2 Type I audit

Healthtech. PHI leakage in error responses, audit-log gaps on failed auth, RBAC scope creep through middleware.

Want the same?

Twenty-minute scoping call. You explain the surface area, I explain whether the Spot Audit, Launch-Ready, or Continuous tier actually fits.