You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Lorenzo FradeaniLF

Lorenzo Fradeani

Cybersecurity Specialist & AI Engineer

€250/day
Carrara, IT
3-7 years

Average response time: 1 hour

About Lorenzo

I help companies and startups on two fronts: I build production-ready AI applications, and I secure web applications and AI systems against real world threats. The two skills are equally my craft, not one supporting the other.
I work with AI startups and scale-ups that need a technical partner equally fluent in AI engineering and security, with software houses and agencies looking for white-label expertise on specific projects, and with SMEs and professional firms that need serious security audits or secure web development.
What sets me apart: the same engineer who builds your RAG system can also pentest it, review the code that backs it, and harden the infrastructure that hosts it. The combination matters because the moment an AI product touches real client data, security stops being a checkbox and becomes part of the product itself.

Verifiable proof:

– Public CVE on Patchstack (CVSS 7.5 HIGH) found through white-box code review on a widely used WordPress plugin

– Second vulnerability rated CVSS 8.3 HIGH (Snipe-IT, enterprise asset management) currently under coordinated disclosure with MITRE

– Proprietary agentic offensive framework (closed-source, demo under NDA): six AI agents covering reconnaissance, exploitation, evasion, and reporting

– Audio AI classification model fine-tuned to 93.86% validation accuracy, deployed in production for a live performance technology studio
Typical deliverables:

– Web application penetration testing and white-box code review

– Security audits of LLM pipelines, agentic systems, and DNS configurations

– Vulnerability research on custom and open-source codebases

– End-to-end AI applications: RAG systems, fine-tuned models, agentic workflows

– Secure web applications with A+ security headers and hardened publishing infrastructure

Italian VAT registered, compliant invoicing, no withholding tax applied. Available remotely across Europe and on-site in northern Tuscany.
  • Italian

    Native or bilingual

  • English

    Fluent

Can work on-site
Carrara (up to 50km)

Experience

  • Lorenzo Fradeani
    Cybersecurity Specialist
    DIGITAL AND IT
    January 2023 - Today (3 years and 7 months)
    Italy
    Independent cybersecurity specialist focused on offensive security, vulnerability research, and security audits for web applications and AI systems.

    Verifiable results:

    – Public CVE on Patchstack (2026): Broken Access Control vulnerability identified in a widely used WordPress plugin (Eventin), CVSS 7.5 HIGH. The flaw lies in a public REST API endpoint exposing valid wp_rest nonces to unauthenticated visitors, with multiple controllers using the nonce as the sole authorization check. Validated by Patchstack and patched by the vendor.

    – Second vulnerability rated CVSS 8.3 HIGH in Snipe-IT (enterprise asset management system), currently under coordinated disclosure with MITRE.

    – Systematic white-box review applied to over 30 WordPress plugins and codebases, using a proprietary methodology focused on authorization logic, input handling, and trust boundaries.
    Excalibur — proprietary agentic offensive framework:
    Closed-source framework I have been building for autonomous security testing operations. Six orchestrated AI agents covering the full engagement lifecycle: reconnaissance, exploitation, evasion, command-and-control, and reporting. Real-time tactical dashboard, multi-operator C2 architecture, and a custom evasion engine. Demo available under NDA.
    Service offering for clients:

    – Web application penetration testing and white-box code review

    – Vulnerability research on custom and open-source codebases

    – Security audit of DNS configurations (SPF, DKIM, DMARC) and HTTP security headers

    – Hardening of publishing infrastructure (Cloudflare, WAF, security headers)

    – AI security: red-teaming of LLM-based applications, prompt injection assessment, agentic pipeline review
    Cybersecurity artificial intelligence PenTest
  • Lorenzo Fradeani
    AI/ML Engineer
    DIGITAL AND IT
    January 2024 - Today (2 years and 7 months)
    Carrara, MS, Italy
    Independent AI/ML engineer focused on building production-ready AI systems end-to-end: from model training to deployment, with a strong emphasis on reliability, maintainability, and security of the underlying pipeline.

    ALIVE — Real-time audio sentiment classifier (lead engineer):
    Custom AI system designed and built from scratch for welcome.covohotel.com, a technology studio for live performance. Operating as lead engineer on the project since 2024.

    – Audio classification model fine-tuned to 93.86% validation accuracy on a proprietary dataset of audience reactions

    – End-to-end ML pipeline with ONNX export, continual learning loop, and versioned dataset management

    – Multi-platform desktop application built with Tauri and a Rust backend, performing real-time inference on-device

    – Designed to drive generative visuals from the audience's emotional state during live performances
    Service offering for clients:

    – End-to-end design and development of custom AI applications, from data collection to production deployment

    – Fine-tuning of open-source language and audio models on proprietary datasets


    – RAG (Retrieval-Augmented Generation) systems for enterprise knowledge bases

    – Multi-step agentic workflows with tool use and orchestration

    – Production ML pipelines: training, ONNX export, on-device or server-side inference, monitoring

    – Technical advisory on AI architecture and tooling choices for early-stage products

    Stack: Python, PyTorch, HuggingFace, ONNX Runtime, FastAPI, LangChain, Tauri, Rust.
    Approach: I deliver projects that are built to last in production, not as demos. Every system I build includes proper evaluation harnesses, monitoring, and documentation that allow the client team to maintain and extend the work after handover.
    artificial intelligence Machine learning LLM

Recommendations

Be the first to recommend Lorenzo

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Higher Technical Institute (ITS)
    2026

Certifications

  • OSCP+
    OffSec
    PenTest Cybersecurity

Skill set

Categories