When your ambition is nothing less than the transformation of the decentralized technology landscape through the introduction of a gold standard for security auditing, you don’t start with just any team. You start with the best.
In its quest to boost security across Web3, Thesis Defense has engaged some of the top talent in the crypto auditing space: an expert and diverse team of senior auditors, cryptographers, and business specialists – all of whom have deeply personal reasons to believe in the power of decentralized technology to create a freer and more equitable world. Among them are those who learned their technology skills in hostile environments and were forced to flee state-sponsored threats to liberty, privacy, and safety.
These outstanding individuals will be united in helping to create the Defense Security Standard, a new security benchmark for decentralized technology. Only by establishing an auditing methodology that is rigorous, standardized, and repeatable will Web3 offer mainstream users the confidence they need for mass adoption.
We are proud to introduce the team behind Thesis Defense, and to briefly outline the breadth of experience and expertise they offer.
Hind Kurhan
Co-Founder
Hind is a security auditing veteran who has held senior leadership roles at Consensys Diligence and Least Authority. She moved into Web3 after building a career in Web2 operations and project management and humanitarian work. Her commitment to using decentralized technology to lay the groundwork for a world where justice prevails over power stems from her experience in technology and international development, coupled with direct exposure to people disenfranchised by the inequitable distribution of income, goods, and resources.
By applying the core tenets of web3, Hind hopes we can together resolve some of the world’s most challenging issues: from gender inequity and the exploitation of personal information, to global disparities in global wealth and income and the outsized impact of climate change on the impoverished.
Bashir Abu-Amr
Senior Project Manager
Bashir is an economist by training, with a financial analysis and business management background. Although he was first driven to the Web3 space by cryptocurrency and decentralized finance, he has since discovered that decentralized technology has many powerful and promising applications that have the potential to be an agent of positive change, fostering the betterment of our global community.
Bashir has been working with security research teams as a senior project manager and technical writer for more than three years. in the course of which he has worked 100+ security audits.
Justin Regele
Security Auditor & Engineer
Justin has been working as a penetration tester for 8 years and more broadly in cybersecurity for more than 11. He is OSCP- and OSWE-certified, has spoken at ShmooCon and TrustX conferences, and has practiced his penetration testing skills in real life in the past by climbing up trees to enter through unlocked back doors (his own).
Justin has worked on security audits for Cosmos, Mina, Tezos, Filecoin, and Ethereum, in addition to many wallet implementations, including MetaMask and MetaMask Snaps.
Languages: Javascript; Typescript; Solidity; C/C++; Rust; Go
Areas of Expertise: Penetration Testing; Wallets; Browser Extensions; Cryptography; MetaMask Snaps Implementations
Shareef Salman
Security Auditor & Engineer
Shareef is a full stack developer and security researcher with more than 7 years of experience, primarily focusing on mobile wallets and browser extensions. He’s enthusiastic about decentralized technology’s potential to introduce important social and economic changes, such as data privacy, equitable access to services, and user freedom.
Shareef has worked on security audits for a variety of projects and dApps, including wallets and browser extensions, and Stacks ecosystems.
Languages: Javascript; Typescript; Go; Solidity; Clarity
Areas of Expertise: Smart Contracts; dApps; Wallets; Browser Extensions; Frontend Implementations; React; NodeJS
Alpha
Security Auditor & Engineer
Alpha has more than 15 years of experience in auditing, penetration testing, network security, applied cryptography, and application security. In 2019, while working as a blockchain ecosystem security researcher, Alpha realized there was a significant amount of work to be done in securing decentralized technology.
In addition to working as a Thesis Defense security researcher and auditor, Alpha participates in various contest platforms and firms, conducts private audits, and participates in bug bounties. He has contributed his skills to a wide range of ecosystems and projects, including the Ethereum Beacon Chain, Althea Gravity Bridge, Tendermint Core, Cosmos SDK, Holochain, and Avalanche ecosystem projects.
Languages: Go; Rust; Solidity
Areas of Expertise: Secure Messaging; Consensus Protocols; Key Management; Access Control; Blockchain Communication Protocols; Distributed Systems
Ahmad Jawid Jamiulahmadi
Security Auditor & Engineer
Jawid has been working as a software engineer since 2014 and has been an active Ethereum contributor since 2016. He has a passion for blockchain technology's transformative potential and is particularly interested in how decentralized systems can revolutionize security and data privacy for finance.
Jawid has worked on a variety of smart contract protocol security audits, including Data Lake smart contracts, Sovryn’s Bidirectional FastBTC, PiSwap Protocol, Filfi smart contracts, Golem Foundation’s Octant, the Cube3 Protocol, and the Neokingdom DAO.
Languages: Solidity; JavaScript; TypeScript; Java; C; C#
Areas of Expertise: Solidity Smart Contracts; DeFi Protocols; DAOs
Mukesh Jaiswal
Security Auditor & Engineer
Mukesh has a long track record in security auditing. He has worked with a number of firms including Sherlock, Spearbit, and Least Authority, has been a bug bounty hunter on platforms such as Immunefi and CodeArena, and has experience as a penetration tester. Mukesh, who holds a computer science degree, has been recognized with a Kernel Fellowship from Gitcoin and is on an unending quest to enhance his knowledge of cybersecurity.
Mukesh has worked on projects including Data Lake smart contracts, Keep Network Solana smart contracts, Neokingdom DAO smart contracts, Filfi smart contracts, Zest Protocol, Golem Foundation’s Octant, the Cube3 Protocol, in addition to auditing MetaMask Snaps implementations including Web3MQ.
Languages: Solidity; Javascript; Typescript; Clarity; Rust
Areas of Expertise: Solidity Smart Contracts; Clarity Smart Contracts; DeFi Protocols; DAOs; MetaMask Snaps Implementations
El-Hassan Wanas
Security Auditor & Engineer
Wanas is a polyglot software engineer with more than a decade of experience in multiple sectors. His interests include software architecture, the development and implementation of best practices, and their security implications for systems. Within the Web3 space, he is particularly interested in bridges and smart contracts within the Tezos, Stacks, and Ethereum ecosystems. In addition to analyzing Web3 code to discover security vulnerabilities, he likes to build software using both old and new technologies to maintain a balanced perspective.
Wanas has worked on security audits in multiple blockchains and ecosystems, including Ethereum, Stacks, Tezos, Avalanche, Holochain, Althea, and others.
Languages: Solidity; Clarity; Smartpy; C; C++; Rust; Python; Go; Java; Scala; JavaScript; Perl; OCaml Areas of Expertise: Smart Contracts; Consensus Protocols; Bridges; Cryptography
Jehad Baeth
Security Auditor & Engineer
Jehad is a security auditor, software engineer, a PhD, and a published author. He is passionate about safeguarding internet freedom and seeks to improve information quality and data privacy through his contributions to securing decentralized technologies. Throughout his career, Jehad has navigated diverse professional landscapes, while continuously learning and adapting to different tech stacks with a particular focus on privacy and security.
Jehad has worked on security audits in multiple blockchains and ecosystems including Ethereum, Cosmos, Mina, Tezos, Filecoin, and Stacks. In addition to auditing MetaMask and MetaMask Snaps, he has audited many wallets including Atomic Wallet.
Languages: JavaScript; Typescript; Java, Python Go; Clarity
Areas of Expertise: Smart Contracts; dApps; Wallets; Browser Extensions; Cryptography; Consensus Protocols; Bridges; MetaMask Snaps Implementations
