Vasudev Goud Bikki

// profile

About Me

For my Master’s thesis at Philips Medisize, I focused on security assessment of regulated healthcare mobile applications, aligning them with industry and regulatory requirements. I developed the HAVA tool to identify vulnerabilities early in the development lifecycle, strengthening secure design practices. In parallel, I pursued a specialized Master’s in Cybersecurity at DTU and contributed as a Teaching Assistant, supporting master’s level courses in cybersecurity.

// academic

Education

Technical University of Denmark (DTU)

MSc — Computer Science & Engineering, Cybersecurity Specialization

Feb 2024 – March 2026

Focused on ethical hacking, network security, data security, incident response, AI, and blockchain security research. Conducting real-world penetration testing projects and security simulations. Also serving as Teaching Assistant for Fundamentals of Cybersecurity and Logical Theories for Uncertainty & Learning (Sep–Dec 2025).

Gurunanak Institutions of Technical Campus

BE — Electronics & Communication Engineering

2019 – 2023

Built a strong technical foundation in electronics, circuit design, signal processing, and communication systems — the bedrock for systems-level security thinking.

// coursework

Courses at DTU

Computer Security & Incident Response

NIST SP 800-30, ISO 27001 risk analysis. SIEM, IDS, incident handling and system recovery.

Ethical Hacking

Penetration testing, Cyber Kill Chain, TLS, Kerberos, IoT and web security protocols.

Network Security

Cryptography, intrusion detection, malware analysis, and security models.

Data Security

Formal verification of security protocols using open-source model checkers.

Research Topics in Cybersecurity

Systematic review on blockchain applications in cyber-physical systems.

Introduction to AI

Search and adversarial algorithms, logic-based inference, belief revision, ethical AI.

Algorithms & Data Structures

Algorithm design, complexity analysis, and data structure optimization.

Computer Programming

Python proficiency, OOP, and NumPy for data analysis.

User Experience in Engineering

UX prototypes for next-gen interfaces using biometric data and systematic design.

Logical Theory for Uncertainty & Learning

Game theory, Nash equilibrium, and logic-based reasoning.

// hands-on experience

Projects & Technical Work

Master's Thesis — HAVA: Health Apps Vulnerability Assessment Grade: 12/12

Philips Medisize, Copenhagen — Sep 2025 – Present

Performed SAST, DAST, and runtime security testing of Android mHealth applications aligned with OWASP MASVS and MASTG.
Identified and mitigated risks in authentication flows, secrets handling, cryptography, secure storage, IPC, and API communication.
Mapped security findings to FDA and EU MDR controls, strengthening audit readiness and compliance documentation.
Developed HAVA — a Python-based automated mobile security analysis tool to detect vulnerabilities in mHealth applications.
Integrated automated security checks into GitHub CI/CD pipelines, enabling continuous and scalable security assessments.
Performed reverse engineering using JADX and Frida to analyze runtime behavior and security controls.
Delivered technical reports supporting regulatory compliance: FDA, EU MDR, HIPAA, GDPR, ISO 27001.

Python Automation JADX / Frida OWASP MASVS / MASTG FDA / EU MDR HIPAA / GDPR GitHub CI/CD

Android App Reverse Engineering

Reverse-engineered Android applications to expose top OWASP vulnerabilities — broken authentication, insecure storage, insufficient cryptography, and improper platform usage. Delivered actionable fix reports covering input validation and secure authentication strategies.

Reverse Engineering OWASP MASVS JADX / Apktool Android

Cyber Ship Security Assessment

Conducted an ISO 27001-based cybersecurity risk assessment for maritime systems using the NIST framework. Evaluated threats and vulnerabilities in critical shipping infrastructure and developed structured mitigation strategies aligned to international security standards.

ISO 27001 NIST Framework Risk Assessment Critical Infrastructure

Python Security Toolkit

Built a suite of Python security scripts from scratch: password strength analyzer, DNS record explorer, network port scanner, firewall configurator (iptables), and default-credential tester — all tested in live environments.

Python Port Scanning iptables DNS Recon Automation

Kill-Chain Penetration Testing Simulations

Applied the Cyber Kill Chain framework to simulate end-to-end cyberattacks. Conducted penetration testing with Metasploit, Nmap, and Burp Suite to identify, exploit, and document network vulnerabilities across recon, exploitation, and post-exploitation phases.

Metasploit Nmap Burp Suite Cyber Kill Chain

Blockchain Security Research

Conducted a systematic literature review on blockchain applications in cyber-physical systems (CPS), analyzing how distributed ledger technology enhances security, transparency, and efficiency where digital and physical components intersect.

Blockchain CPS Security Systematic Review

// professional

Work Experience

Freelance Penetration Tester

Self-Employed · Remote

Mar 2026 – Present

Conducting penetration testing on web applications including Telangana Association of Denmark (TSAD) and Lotus Bytes.
Assessing applications for OWASP Top 10 vulnerabilities — SQL injection, XSS, authentication issues, and security misconfigurations.
Documenting findings and delivering structured remediation reports to improve client application security posture.

Web Penetration Testing OWASP Top 10 Burp Suite SQL Injection XSS

Teaching Assistant — Master's Courses

Technical University of Denmark · Copenhagen, Denmark

Sep 2025 – Dec 2025

Fundamentals of Cybersecurity: Assisted Master's students in understanding core cybersecurity concepts, helped solve CTF exercises, and evaluated assignments.
Logical Theories for Uncertainty & Learning: Supported Master's in AI students on complex topics including First-Order Logic and Game Theory; evaluated assignments.

CTF / Cybersecurity Game Theory Teaching DTU

// arsenal

Skills

Application Security

SAST / DAST Penetration Testing Android Security OWASP MASVS / MASTG Reverse Engineering Vulnerability Assessment Threat Modeling Secure SDLC

Security Tools

Burp Suite Frida JADX Apktool Metasploit Nmap Wireshark SIEM / IDS Android Studio

Standards & Regulations

FDA EU MDR HIPAA / GDPR ISO 27001 NIST SP 800-30 CORAS Cyber Kill Chain

Programming & Automation

Python Bash GitHub Actions (CI/CD) SQL HTML / CSS Java (Basics)

Cloud & Identity

IAM API Security Access Control Secrets Management

Platforms

Linux / macOS / Windows

Spoken Languages

English — Fluent Danish — Beginner Telugu — Native

Soft Skills

Teamwork Adaptability Communication Leadership

// beyond the screen

Extracurricular & Activities

Board Member — Telangana Association of Denmark (TSAD) · tsad.dk

Serving as a board member of the Telangana community organization in Denmark. Responsible for organizing cultural events, providing support for Indian students and professionals settling in Scandinavia, and fostering community connections.

Gym & Boxing — Instagram

Competitive fitness training with focus on boxing. Develops discipline, composure under pressure, and rapid pattern-recognition — directly applicable to adversarial security work.

Dance Choreographer — Instagram

Choreographs dance routines combining creativity with multi-person coordination — builds systematic thinking and team orchestration skills.

Volleyball Team Captain

Led a volleyball team, managing strategy, team morale, and in-game decision-making under adversarial pressure — parallels directly to incident response leadership.