ACNS 2025 2025 · Munich, Germany
The Impact of SBOM Generators on Vulnerability Assessment in Python: A Comparison and a Novel Approach
Giacomo Benedetti · Serena Cofano · Alessandro Brighente · Mauro Conti
Serena
Cofano
PhD in Cybersecurity · Software Engineer
Belgium (open to remote)
I recently completed my PhD in Cybersecurity at IMT School for Advanced Studies Lucca and the University of Genoa, where I specialized in Software Supply Chain Security. My research focused on SBOM generation and its impact on vulnerability assessment in Python ecosystems. I am now looking for industry roles as a security engineer or software engineer in Belgium or remote.
Experience
Oct 2024 – Jun 2025
Visiting PhD Student
KTH Royal Institute of Technology, Stockholm, Sweden
Designed and implemented a Java-based prototype to identify software dependencies at runtime. Contributed to an international research team and helped organize a workshop on software supply chains.
Dec 2022 – Nov 2025
PhD Researcher — Software Supply Chain Security
IMT School for Advanced Studies Lucca & University of Genoa
Research on SBOM generation, vulnerability assessment, and software supply chain security in Python ecosystems. Published 3 papers in international peer-reviewed conferences.
Sep 2023 – Nov 2023
Cybersecurity Consultant
CINI — Consorzio Interuniversitario Nazionale per l'Informatica, Genoa
Contributed to the IT-Alert national public alerting system. Analyzed security requirements, designed a Security-by-Design pipeline, and delivered training to the development team.
Jul 2022 – Nov 2022
Research Scholarship
University of Genoa
Researched Android virtualization and ART instrumentation, focusing on privacy improvement through data anonymization techniques.
Mar 2021 – Dec 2021
Internship — Front-End Developer
Talos srl, Genoa
Built a web front-end for data visualization using Angular, TypeScript, and MongoDB.
May 2021 – May 2022
Junior Software Developer
Aizoon Consulting, Genoa
Developed and maintained front-end and back-end enterprise applications using C#, JavaScript, and Angular in an agile team environment.
Education
2022–2025
PhD in Cybersecurity
IMT School for Advanced Studies Lucca & University of Genoa
2022
MSc in Computer Engineering
University of Genoa
2019
BSc in Biomedical Engineering
University of Genoa
Skills
Programming
Python Java C# JavaScript TypeScript SQL Bash
Frameworks & Tools
Angular AngularJS Maven MongoDB Git Docker Linux Android
Security
Software Supply Chain Security SBOM Generation & Analysis Vulnerability Assessment OWASP Top 10 ISO 27001 GDPR · NIS2 · CRA Security-by-Design
Publications
Research on software supply chain security, SBOM, and vulnerability assessment.
SIGBOVIK 2025 2025 · Pittsburgh, PA
UPPERCASE IS ALL YOU NEED
Vivi Andersson · Benoit Baudry · Sofia Bobadilla · Ludvig Christensen · Serena Cofano · Khashayar Etemadi · Raphina Liu · Martin Monperrus · Frank Reyes García · Javier Ron Arteaga · Aman Sharma · Deepika Tiwari · Tim Toady
IEEE TrustCom 2024 2024 · Sanya, China
SBOM Generation Tools in the Python Ecosystem: an In-Detail Analysis
Serena Cofano · Giacomo Benedetti · Matteo Dell'Amico
Activities
Conferences
23rd International Conference on Applied Cryptography and Network Security (ACNS 2025)
June 2025 · Munich, Germany
23rd IEEE International Conference on Trust, Security and Privacy (TrustCom 2024)
December 2024 · Sanya, China
ITASEC23 — Italian Conference on Cybersecurity
May 2023 · Bari, Italy
Workshops
4th KTH Workshop on the Software Supply Chain 2025
April 2025 · KTH, Stockholm, Sweden
Summer Schools
Summer School on Artificial Intelligence and Cybersecurity
September 2025 · TU Wien, Vienna, Austria
Teaching
Computer Security
MSc in Computer Engineering · University of Genoa
November 2023 – March 2024
Beyond the Lab
Research is what I do. Curiosity is who I am.
Languages
Italian — native
English — C1
French — B1
German · Spanish — A2
TryHackMe ↗
Practicing offensive security through CTF challenges and guided labs.
Hiking & Nature
Mountains, trails, and fresh air whenever possible.