I'm a security researcher and engineer passionate about all things related to cloud, SaaS and no-code security.
Affiliations:
- Co-founder and CTO at Zenity, which provides security governance for low-code / no-code applications
- Project lead at OWASP Top 10 Low-Code/No-Code Security Risks
- Columnist at DarkReading
Currently working on:
- Power-pwn - repurpose Microsoft-trusted executables, service accounts and cloud services to power a malware operation
- Powerful - install a backdoor on O365 Power Platform enabling creating, triggering and deleting any arbitrary automation
- ZapCreds - scan Zapier for shared credentials ready for exploit
Check out my latest and upcoming talks, come and say hi!