All About Me

LinkedIn   GitHub

I am a Security Consultant of the Cyber Defense Security Intelligence & Blue Team at Bip CyberSec. My main interests lie within network and system security together with machine learning.

Email: davide[dot]piva[at]icloud[dot]com

Education

• UNIVERSITY OF TRENTO
  Master Degree in Computer Science | September 2019 - March 2022
  Focus on Artificial Intelligence and Cybersecurity
  Mark: 108 out of 110

• Bip-Qibit Cybersecurity academy
  Academy in cybersecurity | November - December 2021
  

• CYBERCHALLENGE.IT
  Training program in cybersecurity | March - July 2021
  Member of UniTrento team at the national competition - 5^th place out of 33 participating universities

• UNIVERSITY OF TRENTO
  Bachelor Degree in Computer Science | October 2016 - July 2019
  Mark: 109 out of 110

• I.S. ENRICO FERMI OF MANTOVA
  Technical school diploma - technological sector in Computer Science
  Mark: 96 out of 100

Professional experiences

• BIP Business Integration Partners S.p.A. - CyberSec
  Cyber Security Consultant held in Piazza San Babila 5, Milano (MI) | 10^th March 2022 - now
  Cyber Defence Security Intelligence & Blue Team

• GiGroup S.p.A. (assigned @ BIP Business Integration Partners S.p.A. - CyberSec)
  Cyber Security Analyst held in Piazza San Babila 5, Milano (MI) | 10^th January 2022 - 9^th March 2022
  Cyber Defence Security Intelligence & Blue Team

• HWG S.R.L.
  Thesis partnership held in via Enrico Fermi 15/E, Verona (VR) | October 2021 - March 2022
  Security analysis of three industrial protocols: Modbus, DNP3, Ethernet/IP. Design and implementation of IBM Qradar rules to detect specific attacks against OT infrastructures

• ADAMI ALDO & C. S.n.c.
  Technical consultant held in via Gramsci 1/N-O, Porto Mantovano (MN) | June - August 2020
  Consultancy for the training of technical personnel

• FONDAZIONE BRUNO KESSLER
  Internship and thesis partnership held in via Sommarive 18, Povo (TN) | March - July 2019
  Security analysis of the OAuth2 authorization protocol and study of innovative solutions for its protection (Token-Binding, MTLS and DPoP)

• KEEP IN TOUCH S.R.L.
  Stage held in via Cavour 11, Mantova | June 2015
  Development of e-commerce websites

Certifications

• eLearnSecurity Certified Professional Penetration Tester - eCPPT
  Achieved on: 23^rd April 2024
  Valid until: ∞

• eLearnSecurity Certified Malware Analysis Professional - eCMAP
  Achieved on: 21^st October 2023
  Valid until: ∞

• CrowdStrike Certified Falcon Administrator - CCFA
  Achieved on: 13^th July 2023
  Valid until: 13^th July 2026
  

• CrowdStrike Certified Falcon Responder - CCFR
  Achieved on: 2^nd July 2023
  Valid until: 2^nd July 2026
  

• Splunk Core Certified User
  Achieved on: 28^th May 2023
  Valid until: 28^th May 2026
  

• CrowdStrike Certified Falcon Hunter - CCFH
  Achieved on: 30^th January 2023
  Valid until: 30^th January 2026
  

• eLearnSecurity Certified Digital Forensics Professional - eCDFP
  Achieved on: 22^nd September 2022
  Valid until: ∞

Skills

Cybersecurity

• Security Intelligence
• Incident Response
• Malware Analysis
• Digital Forensics
• Threat Hunting
• Vulnerability Management
• Hardening
• Patching
• Security Monitoring
• Digital Footprint
• Cyber Risk assessment

Main products, frameworks and tools I have worked with

• CrowdStrike Falcon
• Microsoft Defender for Endpoint
• Cybereason
• Cyberint
• Qualys Cloud Platform
• Nessus
• OpenVAS
• Splunk
• IBM QRadar
• Security Onion
• Symantec Control Compliance Suite
• SESAR SecRAM

Development

• Software development in C/C++, Java, Python and Golang
• System scripting in Bash, PowerShell and Python
• Web applications development (backend) in Java, php and NodeJS
• Web applications development (frontend) in HTML, CSS and Javascript
• Android application development in Java
• iOS application development with entry-level knowledge in Objective-C and Swift
• Development of medium-small applications for Arduino

Frameworks and tools I have worked with

• PwnTools Python library for exploit development
• Angular and React for web applications development
• Apache Spark for distributed data mining computations
• PyTorch for neural networks design
• Docker, Kubernetes and Terraform for automatic (micro)service architectures deployment
• OpenStack for virtual machines deployment
• OpenCV for image and video manipulation

Languages

• Italian C2 (mother tongue)
• English B2 level achieved at CLA UniTN

Soft skills

• Good organization and teamwork skills
• Good resistance to stress and relative control
• Precision and attention to detail
• Desire to always keep up to date
• Good problem solving skills

Other

• Design of SQL databases (e.g., MySQL) and NoSQL ones (e.g., MongoDB)

Personal experiences

Capture the flag

• HackTheBoxCTF - Cyber Apocalypse 2021 with UniTN team
• AngstromCTF (2021) with UniTN team

Hackathons

• #CodeVSCovid19 (2020)
• UniTN ICT Days of 2018 and 2019
• Milano@Work (2016)

Coding competitions

• Google HashCode of 2018 and 2019

Personal projects

• INTERCEPTOR
  Application-level firewall in Golang for flag protection in CTF attack/defense competitions with web interface in React

• PICHAT
  Android application for encrypted messages with centralized Java server