I am an IT security researcher and professional.
I have discovered multiple significant vulnerabilities and am developing Open Source security tools.
My previous work includes the discovery of TLS vulnerabilities like ROBOT in RSA and flaws in AES-GCM implementations. I also helped discover multiple flaws in the use of STARTTLS in E-Mail protocols. I ran the Fuzzing Project, an effort to improve the security of Open Source software, and am developing multiple Open Source security tools.
I have presented my work at security conferences like Black Hat, DEF CON, Nullcon, CCC, Deepsec, and many others. You can find a YouTube playlist with recordings here.
You can find a more extensive list of my previous work on IT security here.
If you are looking for my work as a journalist, you can find it here.
I do freelance consulting; feel free to reach out.