Who am I?
Hi and welcome to my blog! I am Gustavo Silva, a software developer focusing on Cyber Security.
My interests range from how to better design software and systems to maximize developers productivity while making it easier to test, deploy and monitor changes in software, how to break and defend said systems from external attacks (classic red/blue exercises - which makes me a purple team guy!?), and c) productivity - how can we maximize the time we have on this lifetime?
I have worked as a full-stack developer (quite literally doing everything from back-end, to front-end and DevOps in between) for 18 months, later changing to an Application Security Engineering role where I have worked on security tooling, securing infrastructure and applications, assessing application security, source code review, incident response and more.
I often play security-focused CTFs, as well as fool around on platforms like TryHackMe and HackTheBox - in the past have reached top 30 in Portugal on TryHackMe. Bug bounties is not yet a thing I spend much time on, but security research is something I would like to start investing some of my free time.
What is on this site?
The motivation to build and maintain this website/blog is to write about my experiences and endeavors sharing them with the world. The long term vision for this blog is to become a place full of memories, experiences and lessons I have learned along the way, hoping anyone can benefit from them. If not, well, at least it’s a good habit to keep writing and track of things I do, achieve and learn.
Although I am still too new to public speaking, which is something I would like to do more in the future (COVID in 2020…), I was fortunate enough to have the opportunity to publicly talk about some of the work I have done:
- OWASP Lisboa Chapter: Surface Security - The experience so far and the road ahead (recording)
- OWASP Cluj Meetup: Open Sourcing Surface Security (no recording available at the moment).
- Presentation about Shhbt at Today’s Software Magazine: “The Power of Open Source in Cyber Security”
Here is a list of posts written for platforms other than this blog:
- https://tek.sapo.pt/opiniao/artigos/opiniao-o-trio-de-ataque-da-ciberseguranca [PT/PT]
- https://visao.pt/exameinformatica/opiniao-ei/2023-10-17-ciberseguranca-a-batalha-da-ia-contra-a-ia/ [PT/PT]
I am not expecting any sort of donations for this blog, but in case you feel like helping out, feel free to do so using the PayPal form at the bottom of the page.