Author
Diego Ramirez
About
Head of Zero Day Research at PlatformSecurity, running the firm's vulnerability discovery program. 30+ published CVEs across embedded systems and enterprise software, with deep expertise in exploit development, fuzzing, and reverse engineering.
Articles by Diego Ramirez
8 results
- Red Team
How to Decrypt and Analyze iOS Apps for Penetration Testing
Complete guide to decrypting iOS IPAs, static analysis techniques, Frida instrumentation, and advanced iOS app security testing workflows.
05/24/20267 min read - Vulnerability Research
Ingress-NGINX RCE (CVE-2025-1974)
CVE-2025-1974 allows unauthenticated remote code execution in Kubernetes Ingress-NGINX by abusing unsanitized annotations. Dive deep into the vulnerability mechanics, proof-of-concept, real-world applicability, and mitigations.
04/01/20253 min read - Pentesting
PCI DSS Pentesting: Requirements & Compliance
PCI DSS penetration testing: requirements, scope, who must comply, how to satisfy assessors. Requirement 11.3 explained. Practical guidance for PCI pentests.
01/15/20254 min read - Pentesting
Pentesting vs Vulnerability Scanning: The Difference
Pentesting and vulnerability scanning are often confused. Learn the key differences, when to use each, and how they fit into a complete security program for networks, applications, and cloud.
11/12/20243 min read - Pentesting
Network Security for Modern Enterprise
Modern network security solutions go beyond firewalls. Explore zero trust, segmentation, and the importance of offensive testing in protecting enterprise infrastructure.
07/12/20242 min read - Application Security
Secure Systems Design: Best Practices
Building secure systems requires a proactive approach to architecture. Learn the core principles of security engineering and how to build resilience into your products.
05/15/20242 min read - Application Security
App Pentesting vs API Security Testing
Understand the differences between application penetration testing and API security testing. Learn why modern apps need both to protect against OWASP Top 10 and logic flaws.
04/10/20242 min read - Vulnerability Research
Zero Day Research: Finding Unknown Vulns
Zero day research is the hunt for previously unknown security flaws. Learn how researchers find vulnerabilities and why this work is critical for securing modern software.
01/05/20242 min read