Agustín Martínez Fayó

Security Engineer

email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
Agustín Martínez Fayó is a Security Engineer from Spain with eight years of hands-on experience building and hardening security software. He has been active in security-focused development since 2004 and contributes to prominent open-source projects such as spire (SPIFFE runtime) and ghostunnel, where he implemented CA plugins, CSR signing, and advanced TLS verification features. His work bridges backend Go development and cryptographic tooling, notably adding URI SAN verification and client-side certificate assertions to strengthen mutual TLS. Comfortable integrating gRPC and Go libraries like go-spiffe, he specializes in practical, production-ready identity and certificate management. Colleagues rely on him for pragmatic solutions that tighten authentication boundaries without sacrificing interoperability.
code8 years of coding experience
github-logo-circle

Github Skills (19)

crypto10
tls1210
cert10
user-authentication10
authentication10
proxy10
tls1310
security10
mtls10
certificate10
go10
certificate-authority10
libtls10
ca10
x509certificates10

Programming languages (7)

JavaShellCSSCMakefileGoRich Text Format

Github contributions (5)

github-logo-circle
spiffe/spire

Aug 2017 - Jan 2023

The SPIFFE Runtime Environment
Role in this project:
userBackend Developer
Contributions:1495 reviews, 261 commits, 822 PRs in 5 years 6 months
Contributions summary:Agustín's commits focus on implementing and modifying features related to a memory-based Certificate Authority (CA) plugin and an upstream CA plugin, both utilizing the Go programming language. They developed functionality for signing Certificate Signing Requests (CSRs) and generating CSRs, as well as integrating and using existing CA features. The changes included modifying the plugins to handle X.509 SVID certificates and the integration with gRPC frameworks.
runtimespifferuntime-environment
ghostunnel/ghostunnel

Jul 2017 - Oct 2017

A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.
Role in this project:
userSecurity Engineer
Contributions:9 commits, 4 PRs, 3 comments in 2 months
Contributions summary:Agustín primarily contributed to enhancing the security aspects of the `ghostunnel` project. Their work focused on adding server certificate assertions and implementing client-side verification for various certificate attributes such as CN, OU, DNS SAN, and IP SAN. They introduced the `verify-uri-san` argument, utilizing the `go-spiffe` library to further validate server identities based on URI subject alternative names. The user's changes included modifying core authentication logic and integrating new features for TLS configuration.
pkcs11keychainsslhsmproxy
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Agustín Martínez Fayó - Security Engineer