Ricardo Prieto
As a Senior Application Security Engineer with experience in penetration testing, I focus on embedding security throughout the entire software development lifecycle. I specialize in integrating automated tools, establishing secure architecture through threat modeling, and elevating developer skills in secure coding and the safe use of AI. I am a dedicated community builder, serving as Hack The Box Ambassador (Argentina & NZ), co-founder of ThreatX Security, and sharing knowledge through cybersecurity tutoring, and I also have a great passion for my own project, PhiloCyber.
Key Skills
Job Experience
Senior Application Security Engineer
Itti, Remote | June 2025 - Present
- Integrated automated security tools (SAST, DAST, SCA) into CI/CD pipelines to expand test coverage and reduce secrets exposure in code repositories.
- Established a formal threat modeling process for high-risk projects and developed secure architecture templates to proactively mitigate design-stage vulnerabilities.
- Advanced developer capabilities by establishing SDLC standards and delivering training on secure coding, best practices, and the safe use of AI.
- Contributed to the security program by embedding early-stage reviews, automating risk workflows, and tracking team maturity via a KPI scorecard.
Cybersecurity Tutor
TripleTen, United States (Remote) | February 2025 - Present
- Delivered engaging real-time tutoring sessions via Discord, specializing in red teaming methodologies, advanced penetration testing techniques, and hands-on exploitation exercises.
- Enhanced AI-driven learning platforms and curriculum content through systematic validation and refinement, ensuring alignment with current offensive security practices and emerging attack vectors.
- Facilitated targeted 1-on-1 mentorship programs and technical reviews, creating customized learning paths focused on practical attack scenarios and real-world penetration testing challenges.
Co-Founder & Ambassador, Hack The Box Meetups (Argentina & New Zealand)
Hack The Box (HTB) | May 2024 - Present
- Founded and led Hack The Box's meetup programs in New Zealand and Argentina, organizing in-person events, CTF challenges, and workshops for 500+ members.
- Negotiated partnerships with institutions to secure free event spaces, enhancing community outreach and engagement.
- Collaborated with global teams to promote cross-country knowledge sharing and mentorship between members of varying skill levels.
ThreatX Security Co-Founder
Evolving from HTB Meetup Argentina, I co-founded ThreatX Security to build a vibrant space for Spanish-speaking cybersecurity talent. We're committed to fostering growth and strengthening our community through shared knowledge and collaboration.
About Us
ThreatX Security is a vibrant community at the forefront of the Spanish-speaking cybersecurity world, dedicated to advancing digital defense and ethical hacking. We foster a supportive ecosystem where professionals and enthusiasts connect, learn, and achieve meaningful growth together.
As a key player in Latin America's cyber landscape, we focus on empowering our members and enhancing regional expertise. Our impact—1600+ members, 26+ events, 100+ resources, and 4 years strong—contributes to a more secure digital environment for Spanish-speaking communities.
Born from the evolution of HTB Meetup Argentina, our vision is to be a trusted reference for cybersecurity excellence. We aim to inspire defenders and cultivate a resilient, collaborative community prepared for future digital challenges.
Hack The Box Ambassador
HTB invited me in May 2024 to co-build a New Zealand cybersecurity community focused on hands-on learning, collaboration, and mentorship. Later that year, I joined their super established Argentinian team, strengthening a global hub for shared knowledge and growth ❤️
Our Mission
We're building a cybersecurity community where curiosity meets collaboration. Through hands-on challenges and mentorship, we empower learners at every level—because growth thrives when no one's left behind.
What We Offer
Sharpen skills in interactive workshops, tackle real-world scenarios in CTF challenges, and brainstorm solutions in open forums. Think of it as a playground for practical learning, where theory becomes action.
Connect & Grow
Forge bonds with peers and industry leaders through virtual meetups and local events. Whether swapping career advice or teaming up on projects, this is where relationships turn into opportunities.
Earn & Celebrate
HTB fuels the fun with exclusive swag, platform perks, and recognition for standout contributions. We reward effort—because every step forward deserves applause.
PhiloCyber Project: Knowledge for All
My mission is to provide free, high-quality cybersecurity content in English and Spanish. Through practical videos and insightful blog posts, I aim to break down barriers, share my passion, and make it easier for everyone to enter and thrive in this vital industry.
Certifications
These are the certifications I have obtained over the years.
My Presentations
Here are presentations I've given on my YouTube channel, conferences and events.
Prompt Injection Attacks
October 2023
Prompt Injection Highlights:
- Attack vectors against AI systems
- Defense mechanisms for prompt engineering
- Real-world case studies of successful exploits
- Best practices for secure AI deployment
Server-Side Template Injection Workshop
August 2023
SSTI Workshop Topics:
- Template engine vulnerabilities
- Exploiting Jinja2 and Twig templates
- From detection to RCE methodology
- Practical hands-on exercises
HTTP Request Smuggling
April 2023
HTTP Request Smuggling (EN):
- CL.TE and TE.CL attack vectors
- HTTP/2 desync vulnerabilities
- Detection methods and exploitation
- Advanced chaining with cache poisoning
HTTP Request Smuggling (Spanish)
February 2023
HTTP Request Smuggling (ES):
- Vectores de ataque CL.TE y TE.CL
- Vulnerabilidades de desincronización HTTP/2
- Métodos de detección y explotación
- Encadenamiento avanzado con envenenamiento de caché