Stan | Wobbat

I'm Stan, or wobbat online. Security researcher and embedded team lead at an offensive-focused company in the Netherlands. A lot of my work is deep code review of software, and I'm currently implementing AI into our offensive security practice.

I don't just want to show that something is vulnerable. I want to understand the system well enough to explain why it became vulnerable in the first place.

I'm also neurodivergent, which shows up as a lot of open tabs and a real drive to understand how things work. Off-hours you'll find me drinking coffee, reading fantasy novels, or wandering around with my camera.

If any of that sounds interesting, I write more at my blog.

specs

role: senior offensive security consultant & team lead
focus: app-sec · ai · embedded · code review
based: netherlands
speaks: nl · en

experience

Senior Security Consultant WhiteHats 2024-now

Application security across web, native desktop, mobile, embedded, and IoT systems, combining secure code review, exploitation, and architectural review. Primary client contact throughout scoping and delivery. Team lead of a small team of security specialists, and lead for embedded security assessments covering firmware, communication stacks, and system-level components. Currently applying AI to offensive security workflows.
Security Specialist WhiteHats 2021-2024

Application security assessments across web, native, and mobile. Reporting, stakeholder presentations, and secure-design advisory to development teams.
Ethical Hacker IP4Sure (now Cyberlab) 2019-2021

First pentester on staff, built the service from scratch. Infrastructure and web application pentesting: manual vulnerability discovery, exploitation, impact analysis, reporting, and client advisory across the development lifecycle.

education

BSc ICT & Cyber Security Fontys Hogeschool 2015-2019

Cum laude

links

github: @wobbat
linkedin: stanvdvleuten
blog: afleidi.ng
email: mail@wobbat.com