Hi, I'm Barath.
Staff Product Security AI Engineer at Adobe. 17+ years building secure-by-default platforms — most recently at the intersection of AppSec, AI, and developer workflows.
I've spent the last 17 years working on the unglamorous, load-bearing parts of software security — threat modeling, secure-by-default platforms, identity protection, and the long loop between "we found something" and "the next version of the platform won't let it happen again."
Today most of my work sits at the intersection of application security and AI. AI coding assistants changed the shape of the developer loop, and the security model has to change with it. I lead Project Netraat Adobe — shift-left guardrails for ~14K developers using AI coding tools — and I publish what I learn so other teams don't have to start from scratch.
Outside of work, I write on Medium, advise the Strategic AI Program at the University of San Francisco, and tinker with multi-agent and RAG patterns on GitHub. This site is where all of that lives in one place.
Featured by Adobe's Talent Development & Learning Team.
Adobe spotlighted me as one of their Top Digital Learning Resource advocates and invited me to a short interview film about how continuous learning has shaped my career — and how it might inspire others on the same path.
“Learning is not attained by chance; it must be sought for with ardor and attended to with diligence.”
Recent talks.
Security, AI agents, and the identity attack surface — recorded sessions from recent conferences.
Experience
Staff Product Security AI Engineer
- Project Netra — shift-left security guardrails for AI coding assistants across ~14K developers; shipped a VS Code extension enforcing automated security rules in the IDE.
- Built and scaled a “secure blocks” methodology — secure-by-default service building blocks with embedded controls.
- Founded Adobe Cyber Trail (ACT) to convert cross-functional security signals into actionable insights and automated response.
- Secured 19M+ customer accounts with an automated leaked-credentials intelligence system; reduced ATO risk.
- Lead brand and in-product anti-phishing programs — 50K+ phishing reports per quarter.
- Threat-modeling SME for Identity Management Services.
Staff Application Security Engineer
- Instituted enterprise threat modeling for high-risk apps via the Architecture Review Board — eliminating design-level flaws before implementation.
- Built EPVS (Enterprise Password Verification Service) aligned to NIST SP 800-63B, lowering credential-stuffing risk.
- Deployed hardened CSP across customer-facing sites, shrinking the client-side attack surface.
- Built the Integrity Verification Procedure (IVP) — continuous validation of third-party/client-side code, blocking Magecart-style skimming.
Technology Lead
- Led a team of 5 designing and developing the Item Master web application using Spring MVC, MyBatis, and JMS.
- Spearheaded user-registration and admin module rollout for 1,250+ new vendors (Walgreens).
Talks & sessions
- BSidesSF — Log In Through the Front Door: Automating Defense Against ATO2025
- From Shadow AI to Secure Agents: The C.H.A.N.G.E. Playbook2025
- OWASP Bay Area Meetup2025
- M3AAWG 65th Conference2025
- Adobe Hackfest, Hamburg2025
- BrightTalk — security webinar2024
Selected writing
Recognition
- ·Adobe Security Annual Award (2024) — Own the Outcome & Persistent Partner
- ·Adobe Founders Award Nominee (2024)
- ·Adobe — Top Digital Learning Resource advocate
- ·AI Hackathon Winner — MongoDB GenAI, LangChain Agents & Compound AI, Best Use of LlamaIndex
Certifications
Community
- ·Active member of Cyberpeace Institute
- ·Advisor — Strategic AI Program, University of San Francisco, School of Management
Education
Master of Computer Applications (MCA)
Kumaraguru College of Technology, Tamil Nadu, India
Best Outgoing Student Award
Bachelor of Computer Applications (BCA)
KonguNadu Arts and Science College, Tamil Nadu, India
Academic Proficiency — 3rd Rank