Certifications & Methodologies
My skills in the cybersecurity field are validated through internationally recognized certifications and the use of industry-standard methodologies. This guarantees a professional, structured, and verifiable approach.
Certifications demonstrate both technical and methodological skills, fundamental for penetration testing, risk management, security auditing, and regulatory compliance activities.
eCPPT – Certified Professional Penetration Tester
Advanced certification oriented to complete penetration tests: exploitation, privilege escalation, pivoting, and post-exploitation. Based on PTES methodologies and stringent real-world scenarios.
ISO/IEC 27001 – Lead Implementer
Competence in the design, implementation, and management of Information Security Management Systems (ISMS). Fundamental for audits, supplier evaluations, governance, and compliance.
Security+ / CySA+
Operational skills in the field of detection, threat analysis, risk management, and incident response. CySA+ is part of the defensive specialization roadmap.
Used Methodologies
The approach is based on recognized frameworks and standards that guarantee quality, repeatability, and reliability of the activities performed.
- • OWASP Testing Guide & OWASP ASVS
- • PTES – Penetration Testing Execution Standard
- • NIST SP 800-115 – Technical Guide to Security Testing
- • MITRE ATT&CK Framework
- • ISO/IEC 27001 & 27002 – Controls & Governance
- • NIST Cybersecurity Framework
- • NIS2-aligned security practices e supplier evaluation
Don't know where to start with cybersecurity? It's perfectly normal.
I help you understand what is priority, what is mandatory, and what can really make a difference for you.
Request a consultation