Alyssa Herrera is a seasoned web application security researcher with nine years of experience in offensive testing, exploit development, and security auditing for both commercial and government targets. She has led application security programs at Zoom, contributed to high-stakes DoD offensive assessments, and earned recognition on multiple bug bounty platforms including HackerOne and Synack. Comfortable across server, cloud, and front-end attack surfaces, she pairs practical exploit work (notably SSRF research) with developer-focused remediation guidance and threat-centric GRC thinking. As a self-directed learner proficient in Bash, Python, and PHP, she frequently explores emerging company technologies to map novel vulnerability vectors. Based in California, Alyssa blends hands-on red-team tactics with mentoring and community engagement from roles such as Bugcrowd Ambassador and independent consultant.
9 years of coding experience
2 years of employment as a software developer
GED, Highschool Equivalent, GED, Highschool Equivalent at Santa Rosa Junior College
Contributions:3 PRs, 16 pushes, 1 branch in 10 months
milbugbountysecuritysubdomainspentesting
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Alyssa Herrera - Security Researcher at Self-employed