Michele Spagnuolo
Michele Spagnuolo is a Staff Information Security Engineer at Google leading the Web Signals and Intelligence area in the Information Security team.
At Google, he co-authored the CSP3 W3C specification, which now protects more than a third of the Internet's HTML traffic against Cross-Site Scripting (XSS) attacks. He deployed CSP and other web security features at scale across Alphabet following a full-cycle, data-driven approach. Internally, he built Security Signals, a framework that collects and processes web traffic logs alongside instrumentation of web frameworks, making web security properties measurable at scale.
Other works include Rosetta Flash, a Pwnie Awards-nominated exploitation technique that abuses the Flash SWF format to bypass the Same Origin Policy and BitIodine, the first open source Bitcoin blockchain analysis framework, cited by around 450 academic publications.