Andrés Riancho is an application and cloud security expert who leads the open source w3af project and provides high-quality security assessment services to companies around the world.
In the research field, he identified new techniques which can be used to escalate privileges in Amazon AWS infrastructures, discovered critical vulnerabilities in IPS appliances, multiple vulnerabilities in web and REST APIs, and contributed with SAP research performed at a former employer.
His focus is application security, where he developed w3af, a web application attack and audit framework used extensively by security professionals. Lately his focus has shifted towards AWS and GCP cloud security, performing security assessments to help his client’s secure their cloud infrastructure.
Andrés has spoken and held trainings at many security conferences around the globe like BlackHat, OWASP USA, SecTor, Ekoparty, T2, and CanSecWest.