API
FAQTop ExpertsChrome Extension
Sign in

Etienne Stalmans

Security Engineer at Supabase

Barcelona, Catalonia, Spain
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Etienne Stalmans is a security engineer based in Barcelona with over a decade of experience bridging offensive research and product security across cloud-native platforms. He has held senior roles at Supabase, Aiven and Salesforce and began his career as a researcher at SensePost, giving him deep expertise in both threat research and security architecture. His open-source work ranges from enhancing sensepost/ruler — implementing MAPI/RPC interactions and brute-force/search features for Exchange assessment — to contributing security and compliance features in Supabase’s Studio, including SOC 2 docs and stricter returnTo validation. Comfortable coding in Go and shipping product-facing security controls, he brings a rare combination of hands-on exploit knowledge and pragmatic engineering for secure, compliant developer platforms.
code10 years of coding experience
job11 years of employment as a software developer
bookMSc Computer Science, MSc Computer Science at Rhodes University
languagesEnglish, Afrikaans, Spanish
github-logo-circle

Github Skills (17)

it-security10
typescript10
security10
exchange10
rpc10
go10
typescript-types10
pentesting10
typescripts10
react10
pentest10
postgresql9
nextjs9
auth8
database8

Programming languages (18)

PowerShellJavaCSSRustCPLpgSQLMakefileGo

Github contributions (5)

github-logo-circle
sensepost/ruler

Aug 2016 - Feb 2021

A tool to abuse Exchange services
Role in this project:
userBack-end Security Engineer
Contributions:18 releases, 1 review, 66 commits in 4 years 6 months
Contributions summary:Etienne primarily focused on enhancing the functionality and security of the `sensepost/ruler` tool, which targets Exchange services. Their contributions involved implementing and modifying core components related to MAPI protocol interaction, including data structures and RPC calls. They also updated the code to implement features like brute-force password attempts and search functionalities and modified existing code, such as the search function and the autodiscover mechanism, to improve user experience. The user demonstrated proficiency in Go programming and an understanding of Exchange services security vulnerabilities.
abuseexchangemapipentestingshells
supabase/supabase

Jun 2024 - Apr 2025

The open source Firebase alternative. Supabase gives you a dedicated Postgres database to build your web, mobile, and AI applications.
Role in this project:
userFull-stack Developer
Contributions:71 reviews, 55 PRs, 74 pushes in 9 months
Contributions summary:Etienne contributed to the Supabase project by implementing and modifying various features related to project settings, compliance, and documentation. They updated the Studio UI, including the addition of a compliance configuration option and a SOC 2 docs page. The user also addressed security vulnerabilities by implementing stricter validation for returnTo paths and added additional ingest hosts for Sentry.
realtimefirebase-databasewebsocketsfirestorefollow
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Privacy PolicyPrivacy Data SubjectsTerms of UseDo Not Sell My Info