About
I lead security research from the first question to a working proof.
I'm based in Tel Aviv, Israel and lead security research at Pillar Security. I spend my time breaking AI agents and developer tools, working through what the findings mean for the product, and helping researchers take on harder problems.
01 · Research
Follow the attack path
Most of my work starts with an uncomfortable question: what can an attacker make this system do? I read the code, build the exploit, and keep going until the failed trust boundary is clear. A finding is much more useful when another researcher can reproduce it.
02 · Product
Finding the bug is the start
The next question is what to do about it. I work with product and engineering teams on the test cases, protections, and design changes that follow from the research. The details matter here. A fix that misses the original attack path is not much of a fix.
03 · Field
Forward-deployed research
Lab conditions hide a lot. I work directly with teams deploying AI systems to see where assumptions break, which risks matter, and which protections survive real constraints. Those lessons go back into the research and the product.
04 · People
Building research teams
I manage and mentor researchers, but I do not want a team that waits for tasks. The goal is independent judgment: choosing a worthwhile question, knowing when the evidence is weak, and explaining the result without hiding behind jargon.
Community
Learning in public
I co-founded AIL, an AI-focused technical community with more than 8,000 members. We learn, build projects, and compare notes as the field moves. I also publish research and turn some of it into talks and hands-on labs.
Outside security
Long-term systems
Outside security, I spend time thinking about businesses, markets, and long-term investing. I also follow crypto, mostly as a continuing experiment in open financial systems.