All About Me

I am a Security Senior Consultant of the Security Intelligence & Blue Team at Bip CyberSec, currently responsible of the Cyber Threat Intelligence services.

My main interests lie within network and system security together with machine learning and artificial intelligence.

Email: davide[dot]piva97[at]gmail[dot]com

Education

UNIVERSITY OF TRENTO
Master Degree in Computer Science | September 2019 - March 2022
Focus on Artificial Intelligence and Cybersecurity
Mark: 108 out of 110
Bip-Qibit Cybersecurity academy
Academy in cybersecurity | November - December 2021
CYBERCHALLENGE.IT
Training program in cybersecurity | March - July 2021
Member of UniTrento team at the national competition - 5^th place out of 33 participating universities
UNIVERSITY OF TRENTO
Bachelor Degree in Computer Science | October 2016 - July 2019
Mark: 109 out of 110
I.S. ENRICO FERMI OF MANTOVA
Technical school diploma - technological sector in Computer Science
Mark: 96 out of 100

Professional experiences

BIP Business Integration Partners S.p.A. - CyberSec
Cyber Security Consultant held in Piazza San Babila 5, Milano (MI) | 10^th March 2022 - now
Cyber Defence Security Intelligence & Blue Team

Role	Period
Security Senior Consultant	July 2025 - now
Security Consultant	May 2023 - June 2025
Security Analyst	March 2022 - April 2023

GiGroup S.p.A. (assigned @ BIP Business Integration Partners S.p.A. - CyberSec)
Cyber Security Analyst held in Piazza San Babila 5, Milano (MI) | 10^th January 2022 - 9^th March 2022
Cyber Defence Security Intelligence & Blue Team
HWG S.R.L.
Thesis partnership held in via Enrico Fermi 15/E, Verona (VR) | October 2021 - March 2022
Security analysis of three industrial protocols: Modbus, DNP3, Ethernet/IP. Design and implementation of IBM Qradar rules to detect specific attacks against OT infrastructures
ADAMI ALDO & C. S.n.c.
Technical consultant held in via Gramsci 1/N-O, Porto Mantovano (MN) | June - August 2020
Consultancy for the training of technical personnel
FONDAZIONE BRUNO KESSLER
Internship and thesis partnership held in via Sommarive 18, Povo (TN) | March - July 2019
Security analysis of the OAuth2 authorization protocol and study of innovative solutions for its protection (Token-Binding, MTLS and DPoP)
KEEP IN TOUCH S.R.L.
Stage held in via Cavour 11, Mantova | June 2015
Development of e-commerce websites

Certifications

eLearnSecurity Certified Professional Penetration Tester - eCPPT
Achieved on: 23^rd April 2024
Valid until: ∞
eLearnSecurity Certified Malware Analysis Professional - eCMAP
Achieved on: 21^st October 2023
Valid until: ∞
CrowdStrike Certified Falcon Administrator - CCFA
Achieved on: 13^th July 2023
Valid until: 13^th July 2026
CrowdStrike Certified Falcon Responder - CCFR
Achieved on: 2^nd July 2023
Valid until: 2^nd July 2026
Splunk Core Certified User
Achieved on: 28^th May 2023
Valid until: 28^th May 2026
CrowdStrike Certified Falcon Hunter - CCFH
Achieved on: 30^th January 2023
Valid until: 30^th January 2026
eLearnSecurity Certified Digital Forensics Professional - eCDFP
Achieved on: 22^nd September 2022
Valid until: ∞

Skills

Cybersecurity experience and activities

Cyber Threat Intelligence
Incident Response
Malware Analysis
Digital Forensics
Threat Hunting
Vulnerability Management
Hardening
Patching
Security Monitoring
Digital Footprint
Cyber Risk assessment

Cybersecurity area	Known and used products & tools
Cyber Threat Intelligence	Cyberint Argos
	Security Scorecard
	QuoIntelligence
	MISP
	OpenCTI
	Google Dorks
	OSINT services and repos
Attack Surface Management	Cyberint Argos
	Bitsight
	CrowdStrike
	CyCognito
EDR/XDR Technologies	CrowdStrike Falcon
	Microsoft Defender for Endpoint
	TrendMicro
	Cybereason
Vulnerability Management	Qualys
	CrowdStrike Spotlight
	Tenable Nessus
	Tenable.io
	OpenVAS
Cloud Security	CrowdStrike
SIEM	IBM Qradar
	Splunk
	Google Chronicle
	Security Onion
Security Testing & Hardening	Symantec Control Compliance Suite
	Picus
	Pentera
Mobile security	CrowdStrike for Mobile
Mobile security	Lookout
Reverse Engineering & Debugger	Ghidra
	IDA
	GDB
Others	Netskope

Known cybersecurity frameworks

MITRE ATT&CK
NIST 800-53
ISO 27001
NATO Open Source Intelligence
ENISA
Perimetro di Sicurezza Nazionale Cibernetica (PSNC)
GDPR
SESAR SecRAM

Development

Software development in C/C++, Java, Python and Golang
System scripting in Bash, PowerShell and Python
Low-level programming in Assembly (Intel x86 and C-Extended Assembly)
Web applications development (backend) in Java, php and NodeJS
Web applications development (frontend) in HTML, CSS and Javascript
Android application development in Java
iOS application development with entry-level knowledge in Objective-C and Swift
Development of medium-small applications for Arduino
Design of SQL databases (e.g., MySQL) and NoSQL ones (e.g., MongoDB)

Frameworks and tools I have worked with

PwnTools Python library for exploit development
Angular and React for web applications development
Apache Spark for distributed data mining computations
PyTorch for neural networks design
Docker, Kubernetes and Terraform for automatic (micro)service architectures deployment
OpenStack for virtual machines deployment
OpenCV for image and video manipulation

Languages

Italian C2 (mother tongue)
English B2 level achieved at CLA UniTN

Soft skills

Good organization and teamwork skills
Good resistance to stress and relative control
Precision and attention to detail
Desire to always keep up to date
Good problem solving skills

Personal experiences

Capture the flag

HackTheBoxCTF - Cyber Apocalypse 2021 with UniTN team
AngstromCTF (2021) with UniTN team

Hackathons

#CodeVSCovid19 (2020)
UniTN ICT Days of 2018 and 2019
Milano@Work (2016)

Coding competitions

Google HashCode of 2018 and 2019

Personal projects

INTERCEPTOR
Application-level firewall in Golang for flag protection in CTF attack/defense competitions with web interface in React
PICHAT
Android application for encrypted messages with centralized Java server