Development • Assessment • Security • Automation

Bridging the gap between security and development.

I help teams ship faster without leaving security behind, through practical AppSec consulting, secure architecture, and automation that fits modern developer workflows.

Application Security
Threat modeling, review & hardening
Secure Development
Dev-focused practices & training
Vulnerability Assessment
Actionable issues, validated impact
Security Automation
CI/CD checks and guardrails
Try webscan.dev View projects
AppSec DevSecOps Web security Tooling
DEVaesia cybersecurity & devsecops

DEVAesia services

Security & development solutions

Clean deliverables, pragmatic recommendations, and work that fits how your team actually ships.

Development

Secure software engineering with built‑in security controls and sane defaults.

Assessment

Practical security reviews and vulnerability assessment for web apps and APIs.

Analysis

Technical analysis and research - turning signals into clear, prioritized actions.

Awareness

Developer-friendly security awareness and enablement (not fear‑based training).

Intelligence

Security posture insights and monitoring guidance for modern application stacks.

Automation

CI/CD automation that catches issues early and keeps releases moving.

Featured projects

Tools & writing

A couple of projects that reflect how I like to build: fast, readable, and security-first.

webscan.dev

Security scanner built for developers

Tool

A privacy-first security analysis platform designed for quick signals and a clean report flow.

  • Lightweight, non-intrusive checks
  • Clear findings with remediation
  • Fast and easy to explore
  • Built for dev workflows
Visit webscan.dev Request a deeper assessment

techsplicer.com

Cybersecurity notes for developers

Blog

Practical write-ups on security headers, TLS, application security workflows, hardening, and lessons learned from building.

  • Developer-friendly guidance
  • Security tooling & patterns
  • Real-world examples
  • Ongoing research
Visit techsplicer.com How I work

Want the full picture?

Pentest & vulnerability assessment

Automated tools are great for quick signals. But they can miss auth flows, business logic, and real exploitability. If you want a thorough review, I can help.

  • Authenticated testing (real user flows)
  • Manual validation of findings & impact
  • Clear remediation guidance
Contact me Read the blog

Tip: If you already have scan output, share it and I’ll help prioritize what matters.

FAQs

Common questions

Quick answers about assessments, automation, and how the work is delivered.

What security assessment services do you offer?

Vulnerability assessments, targeted pentests, secure architecture reviews, API testing, and pragmatic hardening guidance. The focus is on validated issues with clear remediation.

How does your security automation work?

I integrate security checks into CI/CD and developer workflows: dependency alerts, config checks, baseline scanning, and guardrails that reduce regressions.

How does webscan.dev help?

webscan.dev is designed to be quick and easy to explore. Great for initial posture signals (TLS, headers, public files, basic fingerprinting). For deeper testing, pair it with a manual assessment.

Do you offer custom security solutions?

Yes. I can build custom checks, internal dashboards, or automation that fits your stack. Especially when off‑the‑shelf tools don’t match your workflow.

How can I stay updated with your security insights?

Follow the blog at techsplicer.com for write-ups, patterns, and practical guidance.

Can you integrate with our existing development workflow?

Yes. The goal is to fit into what you already use (GitHub/GitLab, CI/CD, issue trackers) so the security work is actionable and easy to keep up to date.

Get in touch

Contact

Tell me what you’re building, what you’re worried about, and what “done” looks like.

Connect

Interested in improving your application security or implementing automated security testing? Let’s discuss what makes sense for your team.

Email me Read the blog
Typical starting points: targeted pentest, appsec review, secure headers & TLS hardening, CI/CD security automation.

What you’ll get

  • Clear scope & deliverables
  • Validated findings (less noise)
  • Remediation guidance your devs can use
  • Optional follow-up retest