I am a senior cybersecurity researcher focused on the cyber capabilities of AI systems. At the US AI Safety Institute (AISI), I leverage my background in cyber capability evaluation to assess current and next-generation AI models, studying the relationship between the capability frontier and potential cyber harms while advancing the science of AI security evaluations.
Previously, I spent a decade at MIT Lincoln Laboratory in the Cyber System Assessments Group where I led a research team focused on the intersection of dynamic program analysis, firmware security, and vulnerability discovery. In this role, I helped define the field of firmware rehosting while building open-source tools and applying them to analyze critical systems’ security. This work in systems security evaluation and testing methodology now informs my approach to understanding AI systems’ capabilities and security implications.
I earned my PhD in Computer Science from Northeastern University and BS from Rensselaer Polytechnic Institute, where I was an active member of RPISEC. I’m passionate about cybersecurity education and have developed courses for universities, government agencies, and private companies. The materials from my System Security with Dynamic Program Analysis course are publicly available.
All my publications are available as open access on Google Scholar.
🔥 News
- 2024.11: Joined the US AI Safety Institute as a senior advisor focused on cybersecurity
- 2024.08: Gave a DEF CON talk about reverse engineering LLMs
- 2022.11: Ran my first international training course in Munich, Germany focused on firmware security
- 2022.01: Created and taught CS 4910 "Dynamic Program Analysis for System Security" at Northeastern University
- 2021.05: Presented our SoK paper Enabling security analyses of embedded systems via rehosting at AsiaCCS 2021
- 2017.07: Led the Lab RATs to a 10th place finish in DEF CON CTF finals. News coverage
- 2016.12: Discovered 10 CVEs in a McAfee antivirus product. News coverage
🧑💻 Open Source Projects
- Hypervisor Dissociative Execution: A framework for dynamic analysis of virtualized guest systems based on system call injection. GitHub Repository.
- Firmware Rehosting: Suite of tools for automated firmware rehosting and dynamic analysis of firmware to be released alongside BAR 2025 publication
- PANDA.re: A whole-system dynamic analysis platform for reverse engineering and software understanding. Fork of the QEMU codebase with significant modifications to enable record/replay, a plugin architecture, and Python based analyses. GitHub Repository. Project Website
- LAVA: An automated framework for injecting vulnerabilities into software to evaluate bug-finding systems. LAVA uses PANDA’s whole-system dynamic taint analysis to identify how input data flow through a program and uses this information to propose and evaluate patches to source code to add vulnerabilities. GitHub Repository (No longer maintained)
- Rode0day: A vulnerability discovery competition powered by LAVA where users compete to find new bugs each month. Unlike prior self-evaluations, Rode0day competitors had no knowledge of where the bugs were until we released the solutions after each competition ended. Project website (No longer maintained)
📝 Academic Publications
- Target-Centric Firmware Rehosting with Penguin. Andrew Fasano, Zachary Estrada, Luke Craig, Ben Levy, Jordan McLeod, Jacques Becker, Elysia Witham, Cole DiLorenzo, Caden Kline, Ali Bobi, Dinko Dermendzhiev, Tim Leek, and William Robertson. NDSS BAR 2025 View pdf
- Hypervisor Dissociative Execution: Programming Guests for Monitoring, Management, and Security. Andrew Fasano, Zak Estrada, Timothy Leek, William Robertson. ACSAC 2025. View pdf
- Homo in Machina: Improving Fuzz Testing Coverage via Compartment Analysis. Josh Bundt, Andrew Fasano, Brendan Dolan-Gavitt, William Robertson, Timothy Leek. ACM AsiaCCS 2021. View pdf
- PyPANDA: Taming the PANDAmonium of Whole System Dynamic Analysis. Luke Craig, Andrew Fasano, Tiemoko Ballo, Timothy Leek, Brendan Dolan-Gavitt, William Robertson. NDSS BAR 2021. View pdf
- Evaluating Synthetic bugs. Josh Bundt, Andrew Fasano, Brendan Dolan-Gavitt, William Robertson, Timothy Leek. ACM AsiaCCS 2021. View pdf
- SoK: Enabling Security Analyses of Embedded Systems via Rehosting. Andrew Fasano, Tiemoko Ballo, Marius Muench, Tim Leek, Alexander Bulekov, Brendan Dolan-Gavitt, Manuel Egele, Aurelien Francillon, Long Lu, Nick Gregory, Davide Balzarotti, William Robertson. ACM AsiaCCS 2021. View pdf
- The Rode0day to Less Buggy Programs. Andrew Fasano, Tim Leek, Brendan Dolan-Gavitt, Josh Bundt. IEEE Security and Privacy Magazine 2019. View pdf
💬 Invited Talks
- 2024.08, DEFCON AIxCC: “A Reverse Engineer’s Guide to Mechanistic Interpretability” Video and slides.
- 2023.10, New York University: “The Trials, Tribulations, and Triumphs of Whole System Dynamic Analysis: Lessons from a Decade in the Trenches”
- 2019.10, AvengerCon: “The LAVA has Hardened! Building a Better Bug Corpora to Evaluate Bug-Finders”
- 2019.08, USENIX WOOT: “Rode0day: A Year of Bug-Finding Evaluations”
- 2018.08, USENIX WOOT: “Rode0day: Searching for Truth with a Bug-Finding Competition”
- 2018.10, MIT Techsec: “Intro to Web Exploitation”
🎖 Honors and Awards
- 2020.09 R&D100 Award: LAVA was awarded an R&D100 award for its impact advancing the state of the art in vulnerability discovery.
- 2019.09 MIT Lincoln Scholar Award: Selected to receive special funding through a competitive process to pursue my research.
- 2017.06 MIT Lincoln Laboratory Team Award: Award for outstanding technical achievement.