Sailesh Duvvuri

Azure SQL DB

• Significantly contributed to the development of a SQL engine code base with a focus on security and authorization for both RBAC and ABAC. Played a key role in designing crucial features such as incremental policy fetch, addressing diverse aspects of SQL, and accommodating various database types and scenarios. Implemented efficient storage solutions for external authentication data using in-memory cache and metadata. Optimized policy storage, enhancing performance from minutes to milliseconds. Actively added end-to-end (E2E) tests and Onebox tests for the feature and addressing challenges related to hyperscale, geo-secondaries, and elastic pools.
• Have good eye for attention-to-detail and through self drive, identified several security concerns and corner cases and addressed them in the feature. Similarly identified the parts where network/memory can be optimized for better performance and made significant changes. Based on alerts from monitors, created auto-resilient features for database recovery.

Purview- Data Governance

• Lead the design and execution of M365 MIP policy integration with Purview. This has complexity of bringing two different cloud services together M365 Substrate and Azure. Currently en route for Public Preview and the interfaces that are built in this design are being used for supporting governance on AWS S3, and also different policy types like DLP.
• Led the knowledge sharing sessions for the team in various distributed computing topics.

RiskService

NetIQ Risk Service protects against high-risk authentication and application access requests by initiating strong or multi-factor authentication when risk scores indicate that a higher level of identity verification is needed. To be effective, the Risk Service can consume contextual-related metrics from a variety of sources. In addition to its integration points, administrators can get started with the Risk Service using out-of-the-box metrics that they can configure themselves. The best way to identify and protect against imposter-based attacks is to learn the unique normal behavior of every identity in your environment. This type of baseline enables the Risk Service to detect most anomalous and suspicious behaviors. User and entity behavior Analytics (UEBA) are the next step in building an effective context-based adaptive environment.

Technologies: Docker, Kubernetes, Nginx, Envoy, Service Mesh, Redis

• Joined the team with no prior hands-on with the technologies like Spring, Cloud, microservices, but able to demonstrate knowledge and passion by learning quickly and delivering on commitments. Responsible for one of the key modules which defines the data model and supports multitenancy. Received recognition for delivering features despite being new to the areas/product with high quality

NetIQ Access Manager Access Manager is a comprehensive access management solution that provides single sign-on and secure access to web-based applications, SaaS services, and federated business-to-business interactions. Access Manager uses industry standards, such as SAML, OAuth, OpenID Connect, and WS-Federation to deliver federated single sign-on and supports multi-factor authentication, role-based access control, and data encryption.

• Worked on newer technologies compared to past experience
• Gained knowledge on access technologies like access gateways and protocols like OAuth, SAML2
• Architected in containerizing access gateway for SaaS
• Worked on technologies such as Kafka, AWS and Kubernetes.

NetIQ SecureLogin (2006- 2018)

NetIQ SecureLogin is an Enterprise Single SignOn application. SecureLogin streamlines user authentication for enterprise applications by providing a single login experience to the users. It eliminates password reset calls, protects against unauthorized access to business applications, and integrates with almost any authentication device.

• Worked on almost all modules of the product in all aspects of development. Have excellent knowledge on Windows Internals, shared libraries, OS concepts and most of the windows related technologies. Authentication modules using LDAP, SmartCard and Multi-factor to various directories like Active Directory, AD LDS, eDirectory. As this deals with sensitive data, care has to be taken to ensure that data is protected during all phases of development and runtime. Go-to developer for support teams and management for any complex customer scenarios for my ability in problem solving and interpersonal skills. Most of the code is written in C++. When newer compilers and C++ versions have come, pioneered the move of modernizing existing code and setup. Updated the Unit Testing framework to Catch2 from cppunit to accommodate this.
• Presented about my product in various forums including in 'BrainShare 2011' in Salt Lake City, US

Desktop Automation Services: Desktop Automation Services (DAS) is an add-on to SecureLogin that handles unique use cases associated with shared workstations or kiosks. Initially as a different product, later merged to SecureLogin.

Technologies: C++, XML parsing, Installer, COM, LDAP, eDirectory

Expertise Highlights:

· Handled the product alone through two releases by adding features and bug fixes. Identified potential integration points with NetIQ SecureLogin and proposed to product management. Handled integration with SecureLogin for installer, code, documentation.

This is one of the well-advertised features of SecureLogin nowHandled the product alone through two releases by adding features and bug fixes