My research area is software security, more specifically in development and application of different techniques in detection of vulnerabilities in software, namely web applications and C programs. I have been exploring machine learning techniques and NLP to improve and innovate the detection of vulnerabilities. I am the author of software security tools, being the WAP tool (http://awap.sourceforge.net/) the most popular and which uses data mining to predict false positives during the analysis of the source code of web applications. Also, the DEKANT tool uses NLP to analyze the source code of applications in the discovery of vulnerabilities.

Currently, I am the coordinator of the SEAL project (http://seal.lasige.di.fc.ul.pt/) which aims to leverage of NLP techniques to develop new techniques to process web application in discovery and identification of vulnerabilities and correction of the code of them to remove the vulnerabilities found.

I am an integrated researcher of the LASIGE - Large-Scale Informatics Systems Laboratory (https://www.lasige.di.fc.ul.pt/), and a member of the Navigators research group (https://navigators.di.fc.ul.pt/wiki/Main_Page).