About Me

TL;DR: I'm a DevSecOps engineer from Brazil, currently working as CTO at goinfinite.net and nimbus.house.

One day I turned my computer on and this message showed up:

By googling what that message was I crossed many lines, one of these lines was the user line. It was my first contact with tools such as the Windows Registry, cmd.exe and batch files. I was 8 and fascinated by the discovery of what happens behind all the user interfaces.

I landed on IT directly on the security field. The next days my browser history had only searches about what as a keygen and cracks, how they operate and developed. In a week I was already writing my first batch script and started to learn Pascal.

It didn't take much and I disassembled my computer entirely. It was a gem for its time, an AMD K7, 256M RAM, 20GB HDD that looked just like this:

Literally like this cause I didn't know what I was doing. I had a dial-up connection in Brazil, loading a webpage was an herculean task. YouTube was still on it's early stages, so finding a good tutorial wasn't that easy. The first burned CPU we never forget. A few months and a thousand slaps later, I was back on the PC and my curiosity only increased.

Visual Basic was the first language I got something done, a gaming server that I released on RaGEZONE forum, which curiously is still a very active forum.

Thanks to the game projects I got to work with C++, LUA, PHP and understand concepts such as TCP, DNS, and VPN. Since it also required a great deal of graphical interfaces, I had to work with tools such as Adobe Photoshop that gave me a valuable understanding of user interfaces and experience.

I started to feel symptoms related to the Carpal tunnel syndrome and to prevent it since I was spending nearly 12 hours daily on a computer, I had to choose between gaming and working. It's a very common issue for those using computers all day long and I was not ready to give up on computers just yet.

Distant from games, I returned to the security field and started working as a security moderator on online forums, helping people get their computers clean with tools such as HijackThis and Combofix. By this time I had stopped using Windows and jumped into the Unix world.

I was a heavy user of the BackTrack Linux distribution that later became the infamous Kali Linux. SQL injections, XSS, IDS/IPS bypassing and all kinds of exploits were the challenges I was focusing on, but something inside always told me I could be building things instead of only trying to break them.

That's when I decided to put together everything I learned so far and develop websites. At age 14, I founded a company named Shift.

I got to work with different types of customers and also understand the sales process, so far a complete mystery to me. This gave me a different perspective on software development and business.

The websites developed by Shift were initially static (XHTML/CSS only), then based on Joomla! and finally on WordPress that had just upgraded to version 3 If I recall correctly.

With the help of WooCommerce, I started an ecommerce subscription solution named Shift eLojas. I just focused on that for a while and it grew to a point where I realized a) finding a good hosting was really hard; b) I like being a technical person much more than an entrepreneur.

I decided to put an end on Shift eLojas and focus on hosting, as I always liked to deal with servers and networks and finding a good provider was difficult. I migrated my previous customers to this new hosting solution and continued to offer the managed support they all appreciated. Shift was officially closed and Infinite was born. 

I got to contribute with WordCamp São Paulo 2015 and 2017 talking about the cloud and WordPress performance. By that time I was already a Sucuri customer with Infinite and really liked Sucuri services, their WAF was simple and yet powerful.

As I never liked the commercial part of the company, I decided that I would always try to delegate the non-technical part of the company to employees and maintain Infinite just for the technical challenge of creating a good hosting solution with a very decent support. Infinite was a tiny company that didn't demand much of my time, so I applied for a job at Sucuri.net.

A few months later I was hired to work on the WAF support team at Sucuri. Quickly I was assigned to the senior support area, dealing exclusively with the trickiest cases, improving the documentation and helping enterprise customers via Skype every now and then when things got too technical.

GoDaddy acquired Sucuri the following year and later I was part of the Sucuri Malware Research, GoDaddy Security Engineering and GoDaddy Security Research team. I worked mostly with PHP, JavaScript and Shell, developing tools such as the Sucuri Malware Cleanup software and Cleanup Automation (Robot), Sucuri Labs, internals APIs, besides architecturing a few serverless apps on AWS and maintaining CI/CD pipelines. Most of the code I got to work with followed architecture and programming methodologies such as Clean Architecture, SOLID, DDD and TDD. During my period with Sucuri I also blog posted about DDoS and other types of attacks I was mostly familiar with.

At the beginning of 2021 I left GoDaddy and Sucuri to focus on Infinite. A few months later I co-founded Nimbus, a software house with big clients in the Brazilian financial sector. There I can stretch all my technical muscles and also manage teams of highly skilled DevOps engineers and developers.

That is my story to this day. I still have a lot to learn and my curiosity never diminishes, I am never afraid to try new things and I always try to keep an open mind so I never miss the opportunity to become a better person.