Software Engineer & AppSec Specialist
Ciao! I'm Francesco, a Software Engineer from the beautiful island of Ischia, and my career perspective is building software that I'd want to exist in the world. As a researcher and engineer, I've published work in empirical software engineering, developed AI systems for education, and shipped backend infrastructure in production. Now, nearing the completion of my Master's in Cybersecurity, I'm looking toward a different kind of challenge — one where the code I write contributes to cleaner energy and a more sustainable future. Technology is most meaningful when it serves something larger than itself.
CVing
Responsible for back-end development of a job-matching application using AI to connect people seeking career opportunities. Tech stack: Java Spring, Go, PostgreSQL, Google Cloud, Jenkins. Managed the full development lifecycle from code writing to deployment. Handled DevOps processes using Jenkins and Google Cloud for CI/CD and scalability.
Università degli Studi di Salerno
Involved in empirical research in Software Engineering. Focused on dataset preparation and consolidation for performance analysis, bug fixing, and quality control of experimentally collected data. Contributed to the rigor and reliability of statistical analyses published in scientific research. Tech stack: Java, Ruby.
Università Mercatorum
Study and application of neuro-linguistic processing techniques to improve digital support in learning. Tech stack: Python 3, NLP algorithms, Relational and non-relational DBs, Node.js, JavaScript, TypeScript, Git, GitHub.
Capgemini
Team management, development and AMS for a client in the Global Automotive sector. Reference consultant for the client. Team leader on the AMS side for 1 year. In-depth work on database optimization. Tech stack: .NET Framework, WebForms, Razor Pages, MVC, .NET Core 6, Oracle SQL, PL/SQL, JavaScript, HTML, CSS, IBM DataStage, GIT Repo.
Advances in Web-Based Learning – ICWL 2023
The COVID-19 pandemic has changed the way we do education in recent years. In fact, thanks in part to the progress of the Internet, there has been an exponential growth in courses delivered in distance mode. Among these, Massive Open Online Courses are undoubtedly those courses where the growth in enrolments has been strongest: in fact, even in universities there are distance courses with thousands of enrolments. In this scenario, it is really difficult, if not impossible, for a teacher to monitor the learning process of her/his class, unless he or she is equipped with one or more tools enabling him or her to follow the students, in their learning process, in a more analytical manner. In this paper we propose a web tool, the AI4T system, a dashboard usable as a web application, which allows the teacher, once an assignment has been assigned to her/his students, to monitor their outcomes through a representation in a two-dimensional space. We present an initial experiment with encouraging results.
Evaluation and Assessment in Software Engineering - EASE 2025
Most Software Engineering (SE) human-based controlled experiments rely on students as participants, raising concerns about their external validity. Specifically, the realism of results obtained from students and their applicability to the software industry remains in question. In this short paper, we bring further evidence on this controversial point. To do so, we compare 62 students and 42 software professionals on a bug-fixing task on the same Java program. The students were enrolled in a Bachelor's program in Computer Science, while the professionals were employed by two multinational companies (for one of them, the professionals were from two offices). Some variations in the experimental settings of the two groups (students and professionals) were present. For instance, the experimental environment of the experiment with professionals was more realistic; i.e., they faced some stress factors such as interruptions during the bug-fixing task. Considering the differences between the two groups of participants, the gathered data show that the students outperformed the professionals in fixing bugs. This diverges to some extent from past empirical evidence. Rather than presenting definitive conclusions, our results aim to catalyze the discussion on the use of students in experiments and pave the way for future investigations. Specifically, our results encourage us to examine the complex factors influencing SE tasks, making experiments as more realistic as possible.
A Go REST API that scans public GitHub repositories — including full commit history — for secrets, API keys, and sensitive credentials.
A content-based image retrieval system built on Vector Quantization (VQ). Given a query image, the system retrieves the most visually similar images from the Corel-1K database by comparing regional color codebooks.
AutoGit is a python bot that automatizes commits to keep github activity streak
CodeStresser is a ML-driven static analysis framework that scans source code in multiple programming languages to detect security vulnerabilities. It extracts per-vulnerability features and uses machine learning models to predict severity and confidence, generating a structured, developer-friendly security report.
Blockchain Task Diary è un progetto che ha lo scopo di mostrare l'utilizzo della blockchain e degli smart contracts di solidity per gestire i dati di un'applicazione.
CookieClickerBot is a bot developed to automate the Cookie Clicker game. The bot automatically clicks on the cookie. This program was developed using the Test Driven Development (TDD) methodology.
HowsGoingCore is an ASP.NET project which is meant to implement a database-focused application. In this application daily posts and friendships are managed.
"humidity_and_temp_via_iot" is a project created to demonstrate the skills obtained through the IoT Security course at Università degli Studi di Salerno. It consists of Arduino R4 WiFi code with an Android studio app that simulates a typical IoT system that works thanks to the internet and the cloud. Communication is encrypted thanks to AES-128.
Baobab is a web-based productivity timer.
UniBiblio is a portal for managing book and study room reservations in university libraries, with administrative and analytical features.
ToDoList made using Blazor (.NET).
A personal calendar web app with real-time weather and moon phase tracking, built with ASP.NET Core 6 MVC, Entity Framework Core, and external APIs.
WeatherReport is a REST API written in .NET 7. It is meant to give information about the weather and give statistics about it.
TaskTracker is an exercise project in Angular. After following the crash couse (https://www.youtube.com/watch?v=3dHNOWTI7H8) I'm coding the project back again to add my personal functionalities and graphic style as an exercise.