Tiago Assumpcao Email and Phone Number

I spearhead Coinspect's SDLC Reinforcement program, collaborating closely with our clients to build resilient and trustworthy L1/L2 blockchain projects — encompassing nodes, smart contracts, DeFi protocols, and complex Bridges.My role entails tracking of key indicators, allowing a nuanced understanding of each project's intricacies, both technically and culturally. Orchestrating a relationship built on trust among development, management, and security, I enable my team to seamlessly… Show more I spearhead Coinspect's SDLC Reinforcement program, collaborating closely with our clients to build resilient and trustworthy L1/L2 blockchain projects — encompassing nodes, smart contracts, DeFi protocols, and complex Bridges.My role entails tracking of key indicators, allowing a nuanced understanding of each project's intricacies, both technically and culturally. Orchestrating a relationship built on trust among development, management, and security, I enable my team to seamlessly implement secure development strategies across all facets, prioritizing measures and ensuring scalability.Remaining hands-on, I continue to read, write, and break code. Alongside a team of leading-edge security experts, we are constantly looking for subtle logic issues in our clients' systems. Often, we write exploits to reproduce attack scenarios to better estimate the impact on their financial assets. Show less

Helped idealize and create a simple-to-use and inexpensive solution to monitor companies' digital assets of all sizes. Unxpose enables automated vulnerabilities triaging, covering network infrastructure, web applications and all relevant cloud providers.Unxpose was born to simplify and democratize access to cybersecurity.

Inspira is a top-notch jurisprudence search platform with no rival in the current market landscape. I helped kick-start the project, identifying the strategies necessary to build its legal database and enhance the user experience required to cater to the legal market in Brazil.

Managed contracts totaling over 5M USD annually, overseeing the entire lifecycle from pre-sales to delivery, with a focus on the technical intricacies of individual projects. Proactively identified and addressed customer needs, tailoring scopes to ensure precise alignment and guaranteeing high-quality execution.Additionally, played a strategic role in assisting global enterprises with complex technical requirements and cultural challenges. Led initiatives to develop security testing… Show more Managed contracts totaling over 5M USD annually, overseeing the entire lifecycle from pre-sales to delivery, with a focus on the technical intricacies of individual projects. Proactively identified and addressed customer needs, tailoring scopes to ensure precise alignment and guaranteeing high-quality execution.Additionally, played a strategic role in assisting global enterprises with complex technical requirements and cultural challenges. Led initiatives to develop security testing foundations and methodologies, aimed at minimizing friction and optimizing operations across multiple stakeholders. Show less

Performed code and architecture reviews, reverse engineered software and protocols, having had the pleasure to work with an amazing team of consultants.Low-level kernel and user-land, bare metal and virtualization, IoT, mobile, and web applications. Apart from finding fun security bugs, my goal was to enter the clients’ homes, understand their pain points and deliver with excellence.

Supported the committee review and select the submitted articles.

During the “CPI da Espionagem”, after the espionage allegations against the Brazilian State and Brazilian corporations, advised the Ministry of Science, Technology and Innovation on identifying procedures and mechanisms to mitigate future threats to the National Security.

Security review of the full BlackBerry product line.Provided consultancy to product teams within the company about strategic practices, assisting them to prioritize and fix security issues.Research into attack and defense of mechanisms potentially affecting BlackBerry products.A few examples I'm proud of: having helped the QNX team design & implement ASLR/XN, along with related GCC code generation procedures, and being part of a research partnership with ARM to introduce… Show more Security review of the full BlackBerry product line.Provided consultancy to product teams within the company about strategic practices, assisting them to prioritize and fix security issues.Research into attack and defense of mechanisms potentially affecting BlackBerry products.A few examples I'm proud of: having helped the QNX team design & implement ASLR/XN, along with related GCC code generation procedures, and being part of a research partnership with ARM to introduce new CPU features for runtime protection. Show less

Provided vulnerability R&D services to EU and NAFTA nation states.

R&D for the world’s leader in automated binary program analysis.Design and implementation of abstract interpretation algorithms to find program properties without execution on top of BinNavi’s framework.Created optimal program representations aiming to reduce complexity in analyses, with accepted precision loss. Design and implementation of an optimization scheme for the Reverse Engineering Intermediate Language (REIL) code, reducing in ~65% the IR for the most complex x86… Show more R&D for the world’s leader in automated binary program analysis.Design and implementation of abstract interpretation algorithms to find program properties without execution on top of BinNavi’s framework.Created optimal program representations aiming to reduce complexity in analyses, with accepted precision loss. Design and implementation of an optimization scheme for the Reverse Engineering Intermediate Language (REIL) code, reducing in ~65% the IR for the most complex x86 instructions.Most importantly - found my way into a good balance of static & dynamic analyses to realistically assist vulnerability research. Show less

Performed security reviews for Fortune 500 companies, providing each individual with tailor-made services.

Vulnerability research and security assessments.

Created detection and attack modules for the world's leader database security monitor.

Development of a portable C standard library, an ideal memory allocator for embedded systems, and network protocols for next-generation mobile phones.

Penetration testing; reverse engineering; software security assessment; software development; networking; UX; applied cryptography.At the PKI Team has been in charge of researching, architecting and implementing the wide range of technologies used in the Kapanga project. Additionally, has performed application security assessments, reverse engineering of distinct systems (file formats, on-the-wire protocols and applications) etc.

Penetration testing; software security assessment; Malware analyst at Kaspersky Lab, Mexico.