Roi Kol is a security researcher with a decade of hands-on experience in cyber defense and applied kernel-level tooling, currently advancing threat detection at Aqua Security. His background includes four years in IDF cyber units and deepening technical studies in computer science, giving him a practical and disciplined approach to security engineering. Roi contributes to prominent open-source projects like aquasecurity/tracee, adding eBPF-based signatures in Go to detect subtle indicators such as stdio-to-socket redirection and unauthorized file access. He blends low-level systems expertise with real-world incident awareness, focusing on building auditable, runtime security controls that scale in production environments. Colleagues describe him as a detail-oriented researcher who turns kernel insight into actionable detection logic.
10 years of coding experience
Computer Science, Computer Science at The Open University of Israel
Contributions:131 reviews, 100 commits, 92 PRs in 1 year 11 months
Contributions summary:Roi contributed to the security features of the `tracee` project, specifically by adding signatures. These signatures focused on identifying potential security vulnerabilities, such as standard input/output redirection to a socket and unauthorized access to sensitive files, using Go. The commits demonstrate an understanding of eBPF and kernel security, as the signatures are built to run with the `tracee` eBPF engine.
Contributions:1 PR, 308 pushes, 92 branches in 2 years 10 months
tracingebpfdockerobservabilityevent-system
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.