About

I am an IT consultant and (sometimes) researcher at ICTI, where we provide information security advice and IT reviews to organizations, helping them achieve the ISO 27001 certification. My work includes educational and research projects, such as teaching at VU and sporadic publications. Read more here.

I have completed my PhD at the SEC Group of Eindhoven University of Technology where I investigated the interaction between social engineering attacks and human cognition. Selected publications relate to understanding how to study SE attacks [1] and how to defend angainst them [2, 3, 4]. Read more here.

Before joining TU/e, I was a security analyst at large Italian SOC and loosely involved in personal security projects. I am generally interested in information security and the consequences of enshittification of the Internet.