---

I am a visiting Assistant Professor at Stanford University and Research Group Leader at CISPA (Center for IT Security, Privacy, and Accountability). Before that I was postdoc in the System Security group at CISPA and during my doctoral studies I was member of the S3 group at EURECOM in Sophia-Antipolis (France) under the supervision of Davide Balzarotti. Until August 2013, I worked as researcher associate in the Security and Trust group at the SAP research labs.

---

Research

I research on multiple aspects of the security of the modern application software stack, including web, mobile, and browser security. While my core research goal is to advance the state of the art of automated vulnerability detection and analysis, I also study the security properties of emerging technologies/trends in application software.

---

Services

• PC member at Usenix Security (2019)
• PC membre at ASIA CCS (2019)
• PC membre at EuroSec (2019)
• PC member at ACM CCS (2018)
• PC member at ACSAC (2018, 2017)
• PC member at Usenix WOOT (2018)
• PC member at ACM CCS Poster (2016)
• PC member at IWCC (2016, 2015)
• PC member at DEPEND (2016, 2015)
• PC member at WTMC (2016)
• PC member at STAST (2014)
• PC member at NBiS (2014)
• Publicity chair for ACM CCS (2017)
• PC (co-)chair at SECTEST2015
• Journal reviewer for ACM Computing Surveys, IEEE Transactions on Cloud Computing (TCC), and Transactions on Dependable and Secure Computing (TDSC)

---

Presentations and Talks

• Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs, ITASEC Italian Conference on Cybersecurity, Milan, Italy, February 2018
  [ slides ]
• Compression Bombs Strike Back, BeNeLux OWASP Day 2016, Leuven, Belgium, November 25, 2016
  [ slides ]
• Compression Bombs Strike Back, OWASP AppSec Europe '16, Rome, Italy, June 27 - July 01, 2016
  [ slides ]
• Business Logic Vulnerabilities in eCommerce Web Applications, OWASP Europe Tour 2013, Biot Sophia Antipolis, France, June 24, 2013
  [ slides