# whoami
cat identity.yaml
name: Ali Yazdani
role: Security Engineer
location: Berlin, DE
focus: DevSecOps · Threat Modeling
Cloud-Native Security
owasp: ThreatAtlas [project lead]
owasp-ch: Berlin Chapter [leader]
featured
latest_posts
ls -la posts/-
DAST with OWASP ZAP in CI/CD Pipelines
Dynamic Application Security Testing often gets skipped because it's hard to automate. Here's how to integrate OWASP ZAP into your pipeline without it becoming a blocker.
-
EPSS: A Smarter Way to Prioritize CVEs
CVSS scores alone are a poor guide for prioritization. EPSS uses real exploit data to tell you what's actually being exploited in the wild — and that changes everything.
latest_talks
ls -la talks/-
WeAreDev 2024 - Real-World Threat Modeling
Speaking at WeAreDev 2024 about real-world threat modeling practices and methodologies
-
TEQnation 2024 - Secure Software Ecosystems Best Practices and Regulatory Insights
Speaking at TEQnation 2024 about building secure software ecosystems and regulatory insights