Menu
Kashyap, our Senior Software Engineer at Topsec Cloud Solutions, combines a passion for AI, a love of problem-solving and a deep commitment to making email security both powerful and approachable. He’s written research papers and built cutting-edge security features. Furthermore, Kashyap is driven by curiosity and a determination to stay one step ahead of the bad guys.
I work as a Senior Software Engineer at Topsec. My career began in India as an Associate Software Engineer at Object Frontier Software (OFS), where I worked with SaaS-based clients to develop complete full-stack applications. I’ve always had an interest in machine learning, NLP and image processing, which led me to join the R&D team at OFS.
I collaborated with both in-house and client-side developers to create minimum viable products. We followed best security practices such as the OWASP principles, which focus on the top 10 vulnerabilities in applications.
Back in 2019, I also published a research paper titled AI-Based Automatic Application Source Co-Generator Using a Chatbot and NLP Approach. It was inspired by Iron Man’s Jarvis; the idea was to let developers describe an application in natural language and have the system generate the source code automatically, with a preview.
With all this, I believe technology should be both powerful and secure. Anything less is an invitation for trouble.
In 2021, I moved to Ireland to pursue a Master’s in Data Science. While studying, I worked at Lycamobile as a Business Analyst, where I used my developer mindset to automate processes and streamline operations. I’ve always been curious about how a particular piece of software works; its architecture, strengths and limitations.
After graduating, I wanted to combine my development skills, AI interests and passion for security. That’s when I joined Topsec. I came for the challenge, but I stayed for the constant learning.
I build both backend and frontend systems for our core email security solutions. On the backend, I use Python. And on the frontend, I work with JavaScript and Vue.js.
Part of my role is ensuring all our libraries and APIs are kept up to date against vulnerabilities. Here at Topsec, the team is mostly senior, so we don’t just write code. We build shields that protect our customers’ most important communications.
When I joined, Gavin, our CTO, told me: “Security isn’t a feature. It’s a core foundation principle.” That stuck with me.
Recently, AI has become a big part of email security. I’ve worked on helping end users understand why an email has been quarantined or held. I summarise the technical jargon into clear, simple explanations so non-technical users can understand the threat and take the right action.
People are often tempted by the promise of free money or prizes. As a personal email user, I’ve received plenty of spam, phishing and marketing emails. One accidental click could drain a bank account.
From an organisation’s point of view, one human error could bring the business down. I wanted to build something that could make a real impact.
Email security is like a chess game: you always have to think three steps ahead of the attackers. It’s challenging, but that’s what makes it interesting.
I grew up with the mindset that if you’re going to master a craft, you should do it so well that you set the standards. When I interviewed at Topsec and met the team, I could see the company had that same razor-sharp focus. We do email security really well.
Security needs a constant focus. You don’t “do” security once and then it’s done.. Topsec’s commitment to secure development and ongoing learning matches my own philosophy.
Email security has changed drastically in recent years. Pre-COVID, most organisations relied on centralised infrastructures and securing office networks. Post-COVID, hybrid and remote work has boomed, widening the attack surface. Now, threats can target people’s phones or laptops anywhere. No matter where you are, one click can cause major damage.
Generative AI has also made it possible for attackers to craft highly targeted emails by analysing an organisation’s behaviour. This makes it harder to know if a message is genuine or spoofed.
Traditional safeguards like DKIM, SPF and DMARC may fail against advanced AI-generated emails. That’s why preventive measures are so important. These consist of adaptive AI systems that learn the patterns of emails coming in and out of an organisation and detect anomalies without invading user privacy.
I like to use relatable analogies. For example, email security is like home security. A basic lock offers minimal protection, but if you add alarms, cameras and strong fences, you create multiple layers of defence.
Good security doesn’t just protect; it educates. People need to understand why a particular decision has been made so they can make safe, informed choices. I take time to craft explanations so our support or admin team can clearly communicate with every customer.
There are a few. I implemented advanced impersonation protection to safeguard executives and VIPs from spoofing attacks. I also built a core API for Emergency Mail Access, so customers can still access their email if their main service provider is down.
I’ve also developed admin interfaces to onboard customers and manage features. The best feeling is when a feature I’ve built stops an attack before it reaches the user.
The continued adoption of AI and the potential it has for improved threat detection is exciting. This is especially when it’s backed by properly trained datasets. It should allow us to match patterns and flag suspicious activity even more effectively.
That said, I believe the human touch still matters. One of the things our customers appreciate is that they’re dealing with real people, not chatbots. Even as we embrace automation, we want to keep that personal connection. It’s about using AI smartly, in ways that actually benefit the customer, not just make life easier for us.
AI has the power to completely change email security, but only if we use it responsibly. It can spot threats faster, automate the right responses and keep pace as attacks evolve. On the other hand, used the wrong way, it can be just as dangerous as the threats we’re fighting.
I keep a close eye on compliance frameworks like NIST and DORA, which set the standards for secure systems. For every feature you build, there’s someone out there trying to break it. That means the only way to stay ahead is to keep learning, add layers of protection and embrace the best new technology.
