I am a Senior Security Engineer at Square where I develop infrastructure software that makes the business operate more securely. My focus is on providing identity to workloads in the cloud, where I was able to contribute to the SPIRE project.
I have a PhD from Northeastern University where I was working at SecLab. My main area of research was web security, I also worked on fuzzing for algorithmic slowdowns and integrating humans with automated program exploitation. My work was published in venues such as USENIX Security, ACM CCS, NDSS, and others. I’ve presented my work on detecting privacy invasions of browser extensions at the FTC, which has been covered by various news outlets, such as Le Figaro and Heise. My work on augmenting Cyber Reasoning Systems with humans was input to the DARPA CHESS program, a 3.5 year project to develop computer-human systems to rapidly discover vulnerabilities in complex software. I work on the program committee for RAID 2019-2021 and USENIX Security for 2022.
For all papers, talks, and community service I have provided see the publications section.