Security researcher focused on discovering and responsibly disclosing vulnerabilities in cloud infrastructure and identity systems.
Focus Areas
- Cloud Security — Cross-tenant isolation failures in Azure, GCP, and AWS managed services
- Kubernetes — RBAC bypass, container escape, admission controller vulnerabilities
- Identity — OAuth/OIDC flaws, workload identity federation, confused deputy attacks
- Coordinated Disclosure — CERT/CC partnered vulnerability coordination
Disclosure
All findings are reported through responsible disclosure. Critical vulnerabilities affecting multiple vendors are coordinated through CERT/CC VINCE for synchronized remediation.