Rogerio Peixoto is a software engineer with five years of experience specializing in security-focused development and open-source contributions. Based in Portugal/Israel, he has strengthened infrastructure-as-code security by adding vulnerability detection, similarity IDs, and unit tests to the well-regarded Checkmarx KICS project. He brings practical expertise in analyzing Dockerfiles, Ansible, and CloudFormation templates to catch unpinned dependencies, risky upgrade patterns, and publicly exposed resources early in the pipeline. Rogerio blends hands-on engineering with a security mindset, producing auditable, test-covered improvements that reduce deployment risk. An understated strength is his ability to translate subtle misconfigurations into deterministic detection rules that scale across diverse IaC ecosystems.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Role in this project:
Security Engineer
Contributions:1602 reviews, 430 commits, 1768 PRs in 1 year 9 months
Contributions summary:Rogerio focused on adding security vulnerability detection capabilities to the KICS project. Their contributions include adding queries to detect various security issues related to unpinned package versions, the use of `apk upgrade`, and publicly accessible resources within Dockerfiles, Ansible, and CloudFormation templates. The user also implemented a system to generate similarity IDs for vulnerability results and added unit tests to validate these features.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.