I am a visiting faculty at Stanford University and research group leader at CISPA (Center for IT Security, Privacy, and Accountability). Before that I was postdoc in the System Security group at CISPA and during my doctoral studies I was member of the S3 group at EURECOM in Sophia-Antipolis (France) under the supervision of Davide Balzarotti. Until August 2013, I worked as researcher associate in the "Security and Trust" group at the SAP research labs.
My main research interests include, but are not limited to, web security, dynamic program analysis, and automated vulnerability analysis. I create techniques and build automated tools to detect and study vulnerabilities in the next generation application software.
I also study the life-cycle of vulnerabilities with empirical and large-scale analyses. In particular, I am interested at solving the shortcomings between the identification of vulnerabilities and their resolution.