Senior Security Researcher at Sonatype.
Author at CSO Online, BleepingComputer, CIO, Security Report, Hacker Noon, …
M.S. in Computer Science, Georgia Tech.
B.S. in Software Engineering, Drexel University
Endorsed an Exceptional Talent, a recognised leader in Tech by the British Government and frequently featured by leading media outlets like Fortune, The Register, and CIO, Ax Sharma is a Security Researcher, Threat Intel Analyst, and Tech Reporter who holds a passion for perpetual learning. In his spare time, he loves exploiting vulnerabilities, ethically, and educating a wide range of audiences via blogging and vlogging. He’s an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
Ax’s expertise lies in malware analysis, vulnerability research, threat intelligence analysis, and web app security. Through responsible disclosure, he has previously exposed serious bugs and security vulnerabilities affecting national & global organisations like HM Government, Yodel, U.S. DHS, P.F. Chang’s, Planet Fitness, Comcast/Arris, Ellucian, and the popular restaurant chain, Buca di Beppo.
In early 2018, Ax helped prevent a massive data breach at Georgia Tech by going public with a serious flaw that was left unpatched for over a year. He hence earned himself a place on Tech’s Vulnerability Reporters “hall of fame” page.
To consult Ax for your next big security project or for media source requests, drop him a note here.
Ax’s hobbies include working out, reading, playing piano and developing innovative, upcoming web projects.


- 5 ways cybersecurity awareness trainings can strengthen your organizationAccording to an InfoScales report, 95% of successful cyberattacks have human error as the leading cause – most notably company employees falling for phishing scams. This is an important observation as cybersecurity efforts often intuitively focus largely on strengthening the technical controls in an organization to prevent data leakage, willful… Read more »
- 5 practical ways your organization can benefit from DevSecOpsIt’s right there in the moniker: DevSecOps , a portmanteau of Development, Security and Operations, implies introducing security early on – as a part of a comprehensive, agile Software Development Life Cycle (SDLC) used by your organization, rather than doing so iteratively or waiting until after a release.Given how security… Read more »
- Is our obsession with regulation killing the web?Anybody who’s been paying attention has noticed just how much the internet has changed within the last 10 years.From the humble looks of Google’s homepage to the vast existence old-school message boards and a virtually irrelevant “social” media, the internet largely felt like an accessory, a toy you could play… Read more »
- 7 steps to landing your first IT job, fastIT is a constantly expanding sector with its ever-increasing demand for skilled talent and the projected scope for growth within the next few years. This is especially true for the Information Security subfield for which the vacancies are drastically going up while the workers are struggling to catch up in… Read more »
- 7 ‘don’ts’ of diversity for fostering a healthy office cultureChange at a workplace is hard and often comes with improvements and challenges which cannot be ignored. Change can be a struggle for employees who often need time to gradually adapt themselves to it, rather than feeling forced into it. Even minor changes, for example, changing your company’s choice of… Read more »
- 5 ways a global presence can benefit your tech companyIf you run a successful tech startup or an established business, primarily offering digital products and services, chances are you have a significant customer presence worldwide. There also lies a high probability that you leverage a remote workforce ‘round-the-globe enabling increased collaboration over time zones. While staying local never hurt… Read more »

Medium: Go to Medium blog >