Jessica Ryan

Security Consultant


Jessica breaks websites. She aspires to break more websites. Having spent the past five years performing penetration tests throughout the United States and Europe, she now works for TrustedSec as a Security Consultant, specializing in Application Security. Her areas of expertise include APIs and Web Services, Mobile Application Security, Source Code Review, and Desktop Environment Breakouts

Education & Certifications

King’s College London, London, United Kingdom

Industry Contributions

HackLondon Cofounder

Awards: Pentest Ninja (2016), Women’s Society of Cyberjutsu, Arlington, Virginia Ada Lovelace Student Prize (2015)

Recent Blog Posts

What Spring Data can teach us about API misconfiguration

A security researcher (Joel Noguera @niemand_sec) discovered a ‘critical’ misconfiguration bug in Spring Data’s Application Level Profile Semantics (ALPS). This bug allows unauthenticated users to perform an Application Programming Interface (API) request, which responds with sensitive user data that can be utilized, manipulated, or even deleted. What is ALPS? “ALPS [is] a data format for defining...

A Discussion on Serverless Application Vulnerabilities

The main advantage of utilizing serverless architecture, such as Amazon Web Services (AWS), is that it is a great way to build applications without having to manage the infrastructure. The provider will provision, scale, and maintain the servers to run applications, databases, and storage systems. Naturally, this offloads the risk of server-side insecurities to the...
View all posts from Jessica
Jess Ryan

Want to work with Jessica Ryan or someone like her?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us