Pentesting · Web & Network · Active Directory · eJPTv2 · eCPPTv3
I find what your controls miss before someone else does. My background is in GRC and ISO compliance, which means I don't just find vulnerabilities—I understand what they break at the policy and risk level. Web apps, internal networks, Active Directory: I document what I find in reports that engineers can actually act on.
If you need a penetration test on a web app, internal network, or AD environment— or want someone who can also speak to the risk and compliance side—reach out.
You can write in English or Spanish.