How I Fixed My Vanmoof S3 Battery (pinned)
After a long time searching for an alternative to a car, I wanted to buy an electric bike — one that was aesthetically amazing, powerful…
Jul 29

Rethinking Vulnerability Management: Why VM Deserves More Attention
In the rapidly evolving landscape of cybersecurity, the importance of a robust Vulnerability Management (VM) lifecycle cannot be…
Mar 11

NullCON GOA 2022 — Tech Bug Bounty Panel
I had the great opportunity to participate as a speaker at NullCON GOA 2022 last September, in the Tech Bug Bounty Panel with other Bug…
Nov 6, 2022

Building a BugBounty Program from Scratch
What happens when a security researcher finds a bug in your code or a way to access your customer data? Do you have a clear policy and…
May 12, 2021

Building VDP for Success
Vulnerability Disclosure Programs (VDPs) are a clear way to tell the security researcher community how an organization wants them to report…
Apr 22, 2021

Secrets on Github, a plague
Software Engineers are humans. Humans make mistakes, and anything that can go wrong, will eventually go wrong.
Jun 22, 2020

Bug Bounty Program, does it help?
What happens when a security researcher finds a hole in your code? Do you have a clear policy for submitting this kind of finding? Most do not.
Mar 6, 2019

Norwegian Air, playing with VOD system
This post is excerpted from the talk presented at the CyberSecurity Meetup Helsinki, about vulnerabilities and bad implementations in…
Sep 20, 2016

KeyLemon, bypassing face-authentication
KeyLemon is a well-known application from Switzerland that lets you enter your session without a login or password, with more than 3…
Jun 13, 2016