VILLAGE

Secure Code Village

→By Gaurav Bhosale, Hare Krishna Rai

Description

Secure coding is no longer an afterthought—it is a necessity. As organizations strive to build secure applications, security must be integrated at every stage of development. Secure Code Village (https://securecodevillage.com/ ) proposed one-day, hands-on experience at VULNCON 2025, dedicated to empowering developers, security engineers, and DevSecOps teams with practical skills and knowledge to build secure software from the ground up.

This initiative aims to provide attendees with a unique learning opportunity through interactive workshops, Code Capture The Flag (Code CTF) challenges, and live demonstrations. By incorporating Secure Software Development Lifecycle (Secure SDLC), DevSecOps automation, and shifting left in security, the Secure Code Village will equip participants with the skills needed to proactively identify and mitigate security risks in their code. This session aligns with Vulncon's mission to advance cybersecurity awareness and best practices.

SpeakerGaurav BhosaleFounder @ Secure Code Village

Gaurav Bhosale is a cybersecurity professional with 7+ years of experience, currently working as an Application Security Engineer and founder of Secure Code Village. He specializes in DevSecOps and penetration testing, with a proven track record in delivering security assessments for high-stakes financial applications. Gaurav has led threat modeling, code reviews, and the integration of security into CI/CD pipelines. He previously worked with Mastercard and Payatu, contributing to the security of critical systems at scale. He is passionate about building secure systems and promoting security awareness through community initiatives. Gaurav has also been a speaker at conferences like ThreatCon Nepal and Seasides Goa.

SpeakerHare Krishna RaiSecurity Engineer @ Okta

Hare Krishna Rai is a security researcher passionate about software supply chain security, secure coding, and open-source tooling. He is the co-creator of SCAGoat — a deliberately vulnerable project designed to evaluate SCA tools and container security solutions. HK has presented his work at DEF CON (AppSec Village & DemoLabs), Black Hat Europe, c0c0n, and other global conferences. He is a core team member at the Seasides Information Security Conference, where he also leads the SAST & SCA Village. With 3+ years of experience, his focus spans identifying vulnerable and malicious packages across ecosystems, automating CVE detection, and building developer-friendly security tooling. In his free time, he enjoys sci-fi movies, music, and mentoring aspiring researchers.