Kenan Can Yararbaş

Application Security Engineer

JotForm

Istanbul, Turkey

07.2021 - 04.2025

Managed timely resolution of identified vulnerabilities through effective collaboration with both internal teams and external vendors.
Managing Organization's Bug Bounty Program All the way through triaging vulnerabilities to mitigation steps.
Developing internal security oriented products in order to use them in our CI/CD pipeline.
Enhanced application security by conducting thorough vulnerability assessments and penetration testing.
Taking an active role in the Security Champions program of the Jotform organization by tutoring the candidates about the application security related aspects.
Developed a L7 DDoS protection algorithm by utilizing machine learning based approaches.
Integrated & audited security automation products (DAST, SAST etc.) to the CI / CD pipeline.
Done regular code reviews on a codebase which is developed by more than 300 developers.
Implementing API’s for the developers to make them easily implement secure code.
Mentoring six summer interns and providing suitable projects for the corresponding skill set of them.
Assisted developer teams through the early stages of SDLC to give them an insight about the architectural vulnerabilities.
I’ve done threat hunting in the wild to see what kind of information that the adversaries may have that belongs to the organization that I’m working for.
Assisted the incident response team in the time of needs to find the root cause of an incident.
Researched on the most recent 0-day vulnerabilities to verify and help close the vulnerability with the relevant department.