Freelancer profile translated to English.

Back to original language

Description

🔐 Is your SaaS truly ready to withstand an attack?

I help you identify and fix your vulnerabilities before an attacker does.

👨‍💻 Web & security developer for 10 years (20+ SaaS), I specialized in offensive web application security.

Today, I assist startups and SMEs with:

- Performing applicationpentests(web app, API, auth, business logic…)

- Helping you integrate security into development cycles (best practices, tools, processes)

-Training your developerson web attacks and self-defense (practical labs, final wargame)

🎯 My offers:

- Web application pentest

- Product security support: tooling, coaching, security "by design"

- 100% practical training: web & offensive security, Security Champion role

📍 France – remote or occasional on-site

Certifications: CBBH (HackTheBox), ACP (APISec)

With all this, we surely have many topics to discuss ;)

Feel free to contact me, we will have at least gained an interesting conversation💡

Industry field of expertise

Languages

French
Native or bilingual
English
Conversational

Workplace preferences

Remote only

Primarily works remotely

ASYMIS
Application Security Consultant | Pentest · AppSec
January 2025 - Today (1 year and 5 months)
Nantes, France
Web Penetration Testing
Impact analysis / compromise scenarios
Black box / white box, detailed report, remediation support
Code and configuration review (Keycloak, BaaS...)
SaaS Security Support
Threat modeling
Implementation of development best practices
Tool installation (SCA, SAST, DAST)
Secure Development Training (schools / companies)
Integrating security into projects
Secure development / DevSecOps
OWASP Top 10 Web Security Web Pentest Appsec
Lonestone
Web Security Auditor
October 2022 - December 2024 (2 years and 3 months)
Nantes, France
- Scoping security needs for web products (sites / APIs)
- White box / black box penetration testing
- Code auditing
- Developer training (awareness / secure development / "hacking" techniques / mini-CTFs) The methodology used is largely inspired by OWASP and PTES recommendations. It also combines DevSecOps approaches to help our clients raise their security maturity level.
Web Security OWASP Top 10 Web Pentest
Lonestone
Web Security Referent
February 2022 - December 2024 (2 years and 11 months)
Nantes, France
- Intervention on agency projects for security audits
- Internal training on secure development & "hacking" techniques
- Consulting and recommendations to our clients on security issues

Check out Johan's experience

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Engineer's Degree, Computer Software Engineering
ISTIA - Engineering School of the University of Angers
2015
Engineer's Degree, Computer Software Engineering
University Diploma in Technology (DUT) in Computer Science, Software Development
IUT of Laval
2012
DUT Informatique, Développement logiciel

Certified Bug Bounty Hunter
Hack The Box
2023
https://www.credly.com/badges/8c041895-600a-401c-b0f0-82aa881100d4
API Pentest Web Pentest

Johan Brun

Externalized application security

About Johan

Experience

Web Penetration Testing

SaaS Security Support

Secure Development Training (schools / companies)

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories