Andrés Riancho is an application and cloud security expert that leads the open source w3af project, and provides high-quality security assessment services to companies around the world. In the research field, he identified new techniques which can be used to escalate privileges in Amazon AWS infrastructures, discovered critical vulnerabilities in IPS appliances, multiple vulnerabilities in web and REST APIs, and contributed with SAP research performed at a former employer. His main focus is application security, where he developed w3af, a web application attack and audit framework used extensively by security professionals. During the last few years, his focus shifted towards AWS and GCP cloud security, performing security assessments to help his client's secure their cloud infrastructure. Andrés has spoken and held trainings at many security conferences around the globe including BlackHat, OWASP USA, SecTor, Ekoparty, T2, and CanSecWest.