Roman Trashchinskiy



Hi, everyone. My name is Roman Trashchinskiy. I am junior information security engineer. I have a couple of years of work experience. I do investigate everything I work with, because this is the only way I can become the best at what I do.

Security engineer & DevOps.

My slogan is defeate yourself.

  • Birthday: April 2000
  • Phone: Under the secret
  • City: Mosсow, Russia
  • Degree: Bachelor
  • Looking for a job: No


Let's take a look at my skills. Because of the great interest, I am developing in a variety of professionals scopes

Application Security

I know what OWAPS TOP 10 is, RCE, XSS, Clickjacking, Authorization Bypass, WT Misuse, Request Smuggling, SSTI and etc.

DevOps security

I created a Docker Auth Plugin, understand the danger of mounting /var/run/docker.sock in containers, know about the docker breakdowns, why we should not use Dind in k8s pod, can explain why company should refuse from shell runners (how to hardcode).


I administrated Keycloak, khow the difference between OpenID and SAML, can create Authentication flow, to configure Impersonalization, permissions, to advise how configure authentication securely.


Programming on Python and GO. Can create service with authorization, for some security needs, cron jobs, to connect the postgressql, read data from Kafka, S3, Redis


Khow what model OSI is. Can register a domain and buy certificate, understand what's going on under the hood, can securely rise up infrastructure for the company, how to use iptables.

Secrets Search

I was responsible for finding secrets. I know where to look for them and how to fight. How to create a process and automate the search.



Moscow, Presnenskaya emb., 10, room I, fl.1


Under the secret