Runs application security reviews and penetration tests for SaaS companies, and maintains several open-source security tooling projects.