About Me

TL;DR: I'm a software engineer from Brazil fairly keen on cybersecurity and the cloud, currently working as CTO at goinfinite.net and Security Engineer at sucuri.net.

One day I turned my computer on and this message showed up:

By googling what that message was I crossed many lines, one of these lines was the user line. It was my first contact with tools such as the Windows Registry, cmd.exe and batch files. I was 8 and fascinated by the discovery of what happens behind all the user interfaces.

I landed on IT directly on the security field. The next days my browser history had only searches about what as a keygen and cracks, how they operate and developed. In a week I was already writing my first batch script and started to learn Pascal.

It didn't take much and I disassembled my computer entirely. It was a gem for its time, an AMD K7, 256M RAM, 20GB HDD that looked just like this:

Literally like this cause I didn't know what I was doing. I had a dial-up connection in Brazil, loading a webpage was an herculean task. YouTube was still on it's early stages, so finding a good tutorial wasn't that easy. The first burned CPU we never forget. A few months and a thousand slaps later, I was back on the PC and my curiosity only increased.

Visual Basic was the first language I got something done, a gaming server that I released on RaGEZONE forum, which curiously is still a very active forum.

Thanks to the game projects I got to work with C++, LUA, PHP and understand concepts such as TCP, DNS, and VPN. Since it also required a great deal of graphical interfaces, I had to work with tools such as Adobe Photoshop that gave me a valuable understanding of user interfaces and experience.

I started to feel symptoms related to the Carpal tunnel syndrome and to prevent it since I was spending nearly 12 hours daily on a computer, I had to choose between gaming and working. It's a very common issue for those using computers all day long and I was not ready to give up on computers just yet.

Distant from games, I returned to the security field and started working as a security moderator on online forums, helping people get their computers clean with tools such as HijackThis and Combofix. By this time I had stopped using Windows and jumped into the Unix world.

I was a heavy user of the BackTrack Linux distribution that later became the infamous Kali Linux. SQL injections, XSS, IDS/IPS bypassing and all kinds of exploits were the challenges I was focusing on, but something inside always told me I could be building things instead of only trying to break them.

That's when I decided to put together everything I learned so far and develop websites. At age 14, I founded a company named Shift.

I got to work with different types of customers and also understand the sales process, so far a complete mystery to me. This gave me a different perspective on software development and business.

The websites developed by Shift were initially static (XHTML/CSS only), then based on Joomla! and finally on WordPress that had just upgraded to version 3 If I recall correctly.

With the help of WooCommerce, I started an ecommerce subscription solution named Shift eLojas. I just focused on that for a while and it grew to a point where I realized a) finding a good hosting was really hard; b) I like being a technical person much more than an entrepreneur.

I decided to put an end on Shift eLojas and focus on hosting, as I always liked to deal with servers and networks and finding a good provider was difficult. I migrated my previous customers to this new hosting solution and continued to offer the managed support they all appreciated. Shift was officially closed and Infinite was born. 

I got to contribute with WordCamp São Paulo 2015 and 2017 talking about the cloud and WordPress performance. By that time I was already a Sucuri customer with Infinite and really liked Sucuri services, their WAF was simple and yet powerful.

As I never liked the commercial part of the company, I decided that I would always try to delegate the non-technical part of the company to employees and maintain Infinite just for the technical challenge of creating a good hosting solution with a very decent support. Infinite was a tiny company that didn't demand much of my time, so I applied for a job at Sucuri.net.

A few months later I was hired to work on the WAF support team at Sucuri. Quickly I was assigned to the senior support area, dealing exclusively with escalations which were the trickiest cases. As I have a background of dealing with code, network and security, I worked as a bridge between developers and support until our internal documentation was able to handle 90% of the cases and I had finished suggesting improvements to the services. I also helped with enterprise customers via Skype every now and then when things got too technical.

GoDaddy acquired Sucuri the next year and during the reorganization, I was transferred to the Technical Security team as a firewall specialist dividing my time between "supporting the support", documentation and a few internal systems. I realized I could code again, so I initiated by helping with the WordPress plugin, fixing bugs on the malware scanner and the remediation bot.

My team now is called Malware Research, a branch of GoDaddy Security Engineering. Most of the members are researchers, but I assumed a full stack developer role. Nowadays I'm coding mostly in JavaScript, PHP and Shell, developing the tools we use internally and helping with whatever deemed necessary.

It's a highly dynamic area as I got to work with a lot of different technologies, from the malware removal tools, CI/CD pipelines of serverless apps on AWS, JavaScript frameworks such as Vue/Quasar, architecture and programming methodologies such as Clean Architecture and TDD to blog posts about DDoS and other types of attacks I'm mostly familiar with.

That is my story to this day. I still have a lot to learn and my curiosity never diminishes, I am never afraid to try new things and I always try to keep an open mind so I never miss the opportunity to become a better person.