NW

Nico Waisman

Head of Security at XBOW

Miami Beach, Florida

Investor
Angel

Invests in

Stages:

Seed

Locations:

Argentina

  • Min Investment:

    $5,000.00

  • Max Investment:

    $50,000.00

  • Target Investment:

    $25,000.00

Skills

Vulnerability Assessment
Penetration Testing
Web Application Security
Reverse Engineering
Computer Security
Security Research
Network Security
Application Security
Information Security
CEH

Education

Investments

Fleet Device Management

Seed

Total Funding: $23M

Work Experience

XBOW

2024

  • Head of Security

    2024

Fleet Device Management

2022

  • Advisor

    2022

BitTrap

2021

  • Member Of The Board Of Advisors

    2021

Lyft

2020 - 2024

  • Chief Information Security Officer

    2022 - 2024

  • Head of Security and Privacy

    2020 - 2022

GitHub

2019 - 2020

  • Senior Director of GitHub Security Lab

    2019 - 2020

    Drive the GitHub Security Lab whose mission has been to build bridges between the security research and developer communities and help secure the open source ecosystem. The team has helped drive community wide adoption of CodeQL as a security research tool, grown an active community of contributors through bounty programs and social media presence. I was responsable for launching a successful first phase of the OSS Coalition with a mission to bring together companies and organizations committed to help secure open source software globally, which evolve into the Open Source Security Foundation (OpenSSF) led by the Linux Foundation an open, cross-industry effort to improve the security of open source software by building a broader community, targeted initiatives, and best practices. During my time leading the the GitHub Security Lab we found vulnerabilities in the OSS ecosystem and, more importantly, inspired others to do so as well.

  • Principal Security Engineer

    2019 - 2019

Semmle

2019 - 2019

  • Director of Research LATAM

    2019 - 2019

Cyxtera Technologies

2018 - 2019

  • VP of Consulting Services

    2018 - 2019

    My vast experience as leading expert in reverse engineering and vulnerability development allow me to have lead technical and management teams at Immunity. During my sixteen years at Immunity I was involved in product conception, design and engineering of products such as CANVAS, SILICA, El Jefe and Immunity Debugger. On the service side of Immunity business, I manage a successful boutique consulting service on a vast Fortune 500 clients evaluating customer security and designing and implementing a professional service solution to improve One of my important task was to mentor researchers and consultants into growing their skills both technical and interpersonal, providing and nurturing new researching ideas to help the business and the personal career of the team. As a team leader, I was involved in every aspect of the recruiting effort, helping build the interview environment, discovering and recruiting new talent on different areas and organizing conferences and events to help grow the community. As a VP of Consulting Services, I'm in charge to plan and execute strategies that allow to bring new and innovative products and services to the market, identify business opportunities among new and existing clients. Partner with both Marketing and Sales that allow Immunity to develop new business growth. Aside from my daily task, along with Dave Aitel (Immunity's CEO) and Bas Alberts (Director of Special Projects), I'm in charge of helping define the philosophy and long term strategy that allow a non-VP funded company to be successful for more than 16 years.

Immunity, Inc.

2002 - 2019

  • VP of Latin America

    2009 - 2019

    My vast experience as leading expert in reverse engineering and vulnerability development allow me to have lead technical and management teams at Immunity. During my sixteen years at Immunity I was involved in product conception, design and engineering of products such as CANVAS, SILICA, El Jefe and Immunity Debugger. On the service side of Immunity business, I manage a successful boutique consulting service on a vast Fortune 500 clients evaluating customer security and designing and implementing a professional service solution to improve One of my important task was to mentor researchers and consultants into growing their skills both technical and interpersonal, providing and nurturing new researching ideas to help the business and the personal career of the team. As a team leader, I was involved in every aspect of the recruiting effort, helping build the interview environment, discovering and recruiting new talent on different areas and organizing conferences and events to help grow the community. As a VP of Consulting Services, I'm in charge to plan and execute strategies that allow to bring new and innovative products and services to the market, identify business opportunities among new and existing clients. Partner with both Marketing and Sales that allow Immunity to develop new business growth. Aside from my daily task, along with Dave Aitel (Immunity's CEO) and Bas Alberts (Director of Special Projects), I'm in charge of helping define the philosophy and long term strategy that allow a non-VP funded company to be successful for more than 16 years.

  • Public Speaker

    2002 - 2019

    Since the begging of my career I spoke in many security conferences around the world, in both English and Spanish. I concentrate my focus on security research but also open keynote providing thoughtful notes about the security landscape. This included renowned conference such as Black Hat, Syscan, Pacsec, RuxCon, Kiwicon, CyberCamp, Ekoparty, etc.

  • Senior Security Researcher

    2003 - 2010

    Extensive experience in researching, documenting, and exploiting complex public and non-public security issues. I have researched and exploited all common bug-classes. Including stack and heap overflows, format string bugs, and logic bugs on various UNIX, UNIX-like and Windows platforms on a variety of Architectures. I have also developed exploits and exploit methodologies for a wide variety of uncommon bugs, ranging from Kernel bugs, to bug classes previously thought to be not exploitable. I pioneer techniques to bypass security mechanism and exploit under hard condition on the Linux and Windows heap. My hands on experience in the research and development branch of the security field allows me to give a very real world perspective on risk management and the actual impact a certain vulnerability has on an infrastructure. Extensive experience in custom advanced payload development for Linux, OSX and Windows platforms. Auditing and Code Review Extensive experience in performing in-depth audits of C/C++ source-code in the UNIX environment. Extensive experience in performing binary audits in both Unix and Windows environments. Software Engineering Extensive experience in designing and implementing large scale software solutions in Python, C, and Assembly for for various platforms and architectures. Reverse Engineering Extensive experience reverse engineering closed source software for both vulnerability analysis and malware analysis using industry standard tools such as IDA Pro, on regular operating systems and embedded devices. Programming languages - C/C++ - IA32 Assembly - IA64 Assembly - PPC Assembly - ARM Assembly - SH4 Assembly - Java - Python - PHP Operating systems (Administration, Security, Systems Programming) - Linux and Linux derivatives such as Android - Windows 2000/XP/2003/VISTA/7/8/10 - OSX - Real Time OS