David Wolf · Portfolio Use Case
Advanced security research across ProdSec, AppSec, AI risk management, and AI voice threat modeling at enterprise SaaS scale.
Led advanced security research across product security, application security, and AI risk management at ServiceNow — one of the most widely deployed enterprise workflow platforms. Conducted deep-dive reviews, consulted with PSIRT, and collaborated with the Red Team on emerging AI voice threat research.
Client
ServiceNow
Engagement Type
Full-Time (FTE)
Period
Jan 2022 – May 2025
Role
Senior Principal Security Research Scientist
Focus Areas
Advanced product security research, Application security (AppSec) at enterprise SaaS scale, AI risk management and emerging AI threat research
The Context
ServiceNow's platform underpins critical enterprise workflows for thousands of organizations globally. As AI capabilities were embedded into the platform — including voice interaction and agentic automation — the attack surface expanded well beyond traditional web and application security into novel, less-characterized AI threat territory.
The Challenge
Conducting principled security research at a platform of ServiceNow's scale requires navigating deep technical complexity across web, database, and virtualization surfaces while simultaneously staying ahead of emerging AI threat vectors that lack established research frameworks. PSIRT coordination at this scale demands research depth and operational discipline simultaneously.
What I Did
The Outcome
Delivered proactive security research that surfaced vulnerabilities before exploitation across critical platform surfaces.
Scope
Covered web, database, Linux virtualization, and AI voice attack surfaces
Consultation
Role bridged research depth with operational vulnerability response
Key Deliverables
Client
ServiceNow
Engagement Type
Full-Time (FTE)
Period
Jan 2022 – May 2025
Role
Senior Principal Security Research Scientist
Focus Areas
Advanced product security research, Application security (AppSec) at enterprise SaaS scale, AI risk management and emerging AI threat research
The Context
ServiceNow's platform underpins critical enterprise workflows for thousands of organizations globally. As AI capabilities were embedded into the platform — including voice interaction and agentic automation — the attack surface expanded well beyond traditional web and application security into novel, less-characterized AI threat territory.
The Challenge
Conducting principled security research at a platform of ServiceNow's scale requires navigating deep technical complexity across web, database, and virtualization surfaces while simultaneously staying ahead of emerging AI threat vectors that lack established research frameworks. PSIRT coordination at this scale demands research depth and operational discipline simultaneously.
What I Did
The Outcome
Delivered proactive security research that surfaced vulnerabilities before exploitation across critical platform surfaces.
Scope
Covered web, database, Linux virtualization, and AI voice attack surfaces
Consultation
Role bridged research depth with operational vulnerability response
Key Deliverables
At a Glance
Focus Areas
Tools & Technologies
Public-Safe Caveat
Based on public professional record. Specific vulnerability findings, internal research outputs, and PSIRT case details are omitted for confidentiality.
David Wolf
AI Security · Product Security · Security Leadership
Based on analyzed public signals, not proof of any individual's or company's internal state.
