Roshan Piyush is the Head of Security Research at Harness and leads Harness Security Labs, where he focuses on uncovering and weaponizing weaknesses in modern application, API, and AI-driven systems.

With over 11 years of security research experience, his expertise spans database security, JVM internals, application and API security, and agentic AI systems. His work centers on how attackers exploit complex execution paths across CI/CD pipelines, software supply chains, cloud-native architectures, and autonomous AI workflows.

He leads the development of detection and prevention systems built to operate under real adversarial conditions, translating emerging attack techniques into production-grade security capabilities that provide deep visibility across the code-to-runtime lifecycle.

Roshan has contributed to open-source projects such as OWASP crAPI and Coraza WAF, and actively shares his work through talks, tools, and the security community. He has spoken at multiple conferences and meetups, and conducted workshops at events including at API Security meetups, OWASP AppSec Goa, and Defcon AppSec Village.