Report A Breach
1-877-550-4728
Jessica Ryan
Security Consultant
Experience
Jessica breaks websites. She aspires to break more websites. Having spent the past five years performing penetration tests throughout the United States and Europe, she now works for TrustedSec as a Security Consultant, specializing in Application Security. Her areas of expertise include APIs and Web Services, Mobile Application Security, Source Code Review, and Desktop Environment Breakouts
Education & Certifications
King’s College London, London, United Kingdom
Industry Contributions
HackLondon Cofounder
Awards: Pentest Ninja (2016), Women’s Society of Cyberjutsu, Arlington, Virginia Ada Lovelace Student Prize (2015)
Recent Blog Posts
What Spring Data can teach us about API misconfiguration
A security researcher (Joel Noguera @niemand_sec) discovered a ‘critical’ misconfiguration bug in Spring Data’s Application Level Profile Semantics (ALPS). This bug allows unauthenticated users to perform an Application Programming Interface (API) request, which responds with sensitive user data that can be utilized, manipulated, or even deleted. What is ALPS? “ALPS [is] a data format for defining...
Read
A Discussion on Serverless Application Vulnerabilities
The main advantage of utilizing serverless architecture, such as Amazon Web Services (AWS), is that it is a great way to build applications without having to manage the infrastructure. The provider will provision, scale, and maintain the servers to run applications, databases, and storage systems. Naturally, this offloads the risk of server-side insecurities to the...
Read
Recent Podcasts
Thunder, Flash, and Run BMC!
April 20, 2021
Turn Off the Internet, The Containers Are Leaking, and Why Are My Genitals in the En…
April 20, 2021
Updating Your Reputable Plugins
April 20, 2021
