Robin Fassina-Moschini

Pentest of internal assets: - Web and Mobile app - Infra - Source code review Offensive capability development: - Stage 0 & 1 in C and asm bypassing EDR (User/kernel-land) - Specific implant for TTP testing in Purple Teaming Red teaming: - Leading of Red teaming operation - Red teamer operator - Development with terraform and ansible for automatic red teaming infrastructure and red teaming tooling. Purple teaming: - Coordination with the SoC to test alert coverage - Adversary emulation and simulation

Pentest of internal assets: - Web and Mobile Application - Infrastructure SDL: - Container to do Android source code analysis - Container to instrument binary with AFL and fuzz them. Security tooling: - Report generator in python3 - Severity and urgency calculator in HTML - Creation of a dedicated external security network Automation for project management: - Automation of confluence. - Parsing online MSP projects with python and selenium - KPI and database of vulnerability ticket open in Bash

Monitoring of hardware anomalies: - Capture of traps and logs - Angular UI Automatisation of the installation and security compliance: - Pipeline for installation. - Ansible for compliance. Hardware collector: - Daemon in Perl. - Gitlab workflow - Collect of anomalies Datacenter management hub with optimized kernel dev boards of the power, hardware and fmw. Firmware benchmark and qualification with Phoromatic and automatic installation Linux servers OS and hardware technical expert

- Secure software solutions offered by Conztanz. - Risks analysis - Creation of security policy. - Black box Penetration testing on Conztanz software, infrastructure, website, building and development tools. - Physical penetration testing. - Redaction of security guidances to fix vulnerability found.