I work for Reversec since April 2025. My first blog post for them tells that I found some vulnerabilities in LAPSWebUI in a client engagement and reported the findings to the vendor Truesec, who confirmed most of them and issued a new version with fixes.

I work for the security consultant company Defensify where I conduct security assessments of applications and networks. In December 2020 I made a review of a web application written in Ruby on Rails. I will not disclose the name of the client or any other vulnerabilities found in the client’s application, but this blog post tells the story of how I found a security vulnerability in one of the third-party dependencies they use, which is open source, and got my first ever CVE assigned. \o/