Yaniv Yakobovich is a research engineering leader with six years of software and ML engineering experience, currently heading a research engineering team at Pagaya in Tel Aviv. He blends applied machine learning and security expertise, having transitioned from hands-on roles at CyberArk to ML-focused research engineering at Pagaya. His open-source security work includes contributions to kubesploit, where he implemented container breakout and vulnerability testing modules—highlighting a practical, offensive-first understanding of container and cloud risks. A former IDF intelligence team leader with a computer science degree from Reichman University, he brings disciplined leadership, threat-oriented thinking, and a knack for turning security research into production-ready tooling.
6 years of coding experience
4 years of employment as a software developer
Bachelor of Science - BS Computer Science, Bachelor of Science - BS Computer Science at Reichman University
High School - Program for Excellence in Mathematics Mathematics, High School - Program for Excellence in Mathematics Mathematics at Bar-Ilan University
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
Role in this project:
Security Engineer
Contributions:32 commits, 8 PRs, 5 pushes in 8 months
Contributions summary:Yaniv primarily contributed to the development of security-focused modules and utilities within the `kubesploit` repository, which is a post-exploitation tool. Their work involved implementing functionalities for container breakout, vulnerability testing (e.g., testing for CVE-2019-5736), and the exploitation of SYS_MODULE capabilities. These contributions demonstrate a strong focus on identifying and leveraging security vulnerabilities within containerized environments, which aligns with the core purpose of the repository. The user also implemented modules to enumerate system information, such as kubelet connections, and to extract sensitive information like tokens, furthering the post-exploitation focus.
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
Contributions:18 pushes in 8 months
golangagentsecuritypost-exploitationcontainerized
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Yaniv Yakobovich - Research Engineering Team Lead at Pagaya