Currently developing Probely technology and business, mostly focusing on improving the vulnerability detection capabilities.
Before that, I have worked for almost 12 years at Portugal Telecom, most of them in the web security team of SAPO which I co-founded with another teammate. In those days I tested site security, trained developers to code securely, provided all-around security consultancy and earned CPEs. Before SAPO, I spent a few years reverse-engineering traffic from proprietary applications and taking care of a countrywide network of honeypots.
I’m also a Security Researcher at Cobalt and a trainer at Citeforma, delivering courses about Linux and Network Security.
I hold a Master in Information Technology/Information Security by the Carnegie Mellon University and CISSP certification.
I’m a frequent speaker at security events, such as Codebits, Just4Meeting, ISEL Tech, Confraria da Segurança da Informação and recently at the BSides Lisbon conference. Slides and more info are available at http://www.linkedin.com/in/tiagomendo.
For the last few years, my team organizes a Capture The Flag security contest inside Pixels Camp (previously Codebits) where participants have to break in a number of web applications to get the flags, competing against other teams.
One of the biggest challenges when it comes to embracing the development of Single-Page Apps is security testing. SPA security testing can’t just be about crawling the frontend URLs and using spiders like in traditional security testing. So how can you make sure you're properly testing your SPAs?
Probely offers a streamlined approach to setting up and performing comprehensive scans on targets protected with 2FA without compromising the robust protection that 2FA offers to your websites and applications.
API security should not be viewed as a luxury, but rather as a requirement. As APIs have become indispensable for modern applications and services in our increasingly interconnected digital landscape, they need safeguards shielding them against the numerous threats and malicious actors of the digital world.
As part of our mission to make security available for everyone in the community, Probely is proud to announce that we are joining forces with Security Headers. Security Headers is a wildly popular tool with the security community having launched almost 250M Security Headers scans to date. This collaboration will allow users of Security Headers to benefit from our shared commitment to keeping security testing open and accessible.
This year was a remarkable experience for us at Appsec Village, and one that we learned a lot: from the level of knowledge of our participants, about how our game ran, and how to make it more efficient for next time. “The Ultimate Appsec Challenge'' was a fun and interactive way to test your Appsec knowledge while racing against the clock.
This website uses cookies to provide you the best experience. For more information, read our Privacy Policy.