Daniele Latini - Cybersecurity Consultant

Daniele Latini

Cybersecurity Consultant • AI Enthusiast • Technology Expert

📧 daniele.latini2@gmail.com 💼 LinkedIn 🔗 GitHub

Professional Summary

Dedicated penetration tester and cybersecurity consultant with proven experience in security assessments, ethical hacking, and vulnerability management. Driven by a strong passion for artificial intelligence and emerging technologies, I actively explore how AI can revolutionize security practices and develop innovative solutions to complex cybersecurity challenges. Focused on delivering comprehensive security strategies that integrate both traditional methodologies and cutting-edge technological advancements.

Professional Experience

Cybersecurity Consultant

October 2024 - Present

Deloitte NextHub • Hybrid

Penetration Testing Vulnerability Assessment Burp Suite Recon & Discovery WAPT API Testing

Conduct comprehensive cybersecurity assessments specializing in web application and API penetration testing. Successfully helped 3+ enterprise clients strengthen their security posture through targeted vulnerability assessments and remediation strategies. Collaborate directly with the customer’s teams to implement security best practices and deliver actionable security recommendations.

Key responsibilities include:

  • Penetration Testing: Web applications, API, and Network infrastructure
  • Vulnerability Management: Risk assessment and remediation guidance
  • Security Architecture: Design reviews and security control recommendations
  • Client Relations: Technical presentations and executive briefings

Key Achievements:

  • Conducted 20+ penetration tests resulting in 100+ vulnerabilities discovered

Application Security Engineer

March 2023 - October 2024

DXC Technology • Hybrid

Source Code Review SAST DAST Backend Development Java Spring Boot JWT

Developed backend infrastructure for multiple microservices using Java Spring Boot, following industry best practices for secure and scalable application development. Conducted comprehensive security analyses focusing on authentication mechanisms and source code reviews to ensure delivery of high-quality, secure software products. Collaborated with cross-functional teams to integrate security controls throughout the development lifecycle.

Key responsibilities include:

  • Backend Development: Design and implementation of secure microservices architecture using Java Spring Boot, REST APIs, and JWT authentication
  • Source Code Review: Manual security code analysis and vulnerability identification across multiple projects to ensure secure coding practices
  • SAST & DAST: Integration and management of automated security testing tools in CI/CD pipelines for continuous vulnerability detection

Education

Master Degree in Cybersecurity

October 2023 - Present

University of Bari, Aldo Moro • Bari, Italy

Specialized in network security, cryptography, and digital forensics with a focus on emerging technologies in cybersecurity. Completed comprehensive coursework in:

  • Advanced Cryptography: Implementation of encryption algorithms and security protocols
  • Network Security: Intrusion detection systems, firewalls, and network monitoring
  • Digital Forensics: Evidence collection, analysis techniques, and legal compliance
  • Risk Management: Security frameworks, compliance standards (ISO 27001, NIST, GDPR)
  • AI in Security: Machine learning applications for threat detection and analysis

Certifications

Web Application Penetration Tester eXtreme (eWPTX)

INE

November 2025

Advanced certification focused on web application penetration testing methodologies and exploitation techniques. Comprehensive coverage of:

  • Web Application Penetration Testing Methodology (10%): Accurately assess web applications based on methodological, industry-standard best practices. Identify and prioritize testing objectives based on business impact and risk assessment.
  • Web Application Reconnaissance (15%): Perform comprehensive passive and active reconnaissance on target web applications utilizing WHOIS lookups, DNS enumeration, network scanning, and fuzzing techniques. Utilize Git-specific tools to automate the discovery of secrets and vulnerabilities in code.
  • Authentication Attacks (15%): Test various authentication methods (Basic, Digest, OAuth) through credential stuffing and brute force attacks. Identify and exploit Session Management vulnerabilities including session fixation, hijacking, and weaknesses in OAuth and OpenID Connect protocols.
  • Injection Vulnerabilities (15%): Identify and exploit SQL injection vulnerabilities including error-based, blind, and time-based techniques using SQLMap and other tools. Exploit NoSQL injection vulnerabilities and extract sensitive data from compromised databases using advanced querying techniques.
  • API Penetration Testing (25%): Conduct hands-on penetration tests on API endpoints to identify and exploit vulnerabilities. Utilize automation tools for API vulnerability testing, analyze parameter manipulation vulnerabilities, and test rate limiting mechanisms including DoS attacks and resource exhaustion.
  • Server-Side Attacks (10%): Identify and exploit SSRF (Server-Side Request Forgery) attacks, perform deserialization attacks for arbitrary code execution or privilege escalation, and execute LDAP injection attacks to bypass authentication or extract sensitive information.
  • Filter Evasion & WAF Bypass (10%): Analyze and test WAF rules to identify weak configurations. Perform hands-on WAF evasion techniques including encoding, obfuscation, payload fragmentation, and bypass input validation mechanisms through content type alteration, focusing on SSRF and XXE exploitation.

Download CV

Get a PDF copy of my complete curriculum vitae

📄 Download PDF