Mike Cotic

Background: Ex-Unit 81 Israeli Army with extensive experience in cybersecurity, threat analysis, and advanced security research methodologies. Started with vulnerability research and then moved to fuzzing. Worked in on-premise cybersecurity companies in Israel, Singapore, and Barcelona for 10+ years.

Current Role: Blockchain Infrastructure Engineer at Lava Network, building decentralized RPC infrastructure and data processing systems.

Technical Expertise:

  • Blockchain Infrastructure: Multi-chain protocol development, RPC infrastructure, real-time data pipelines processing 50M+ daily events with Redis/DragonflyDB replica architecture for low-latency caching
  • Real-time Analytics Infrastructure: Designed and operated Lava’s RPC analytics infrastructure powering JSInfo + Stats, with distributed ingestion and caching pipelines using Kafka → TimescaleDB → Redis, delivering millisecond-fast metrics to public dashboards

Fuzzing Infrastructure Engineering Lead & Cybersecurity Research:

  • Previous 10+ years of security work was enterprise/internal focused with proprietary infrastructure
  • Built enterprise-scale fuzzing infrastructure using blade server clusters with segmented networks
  • Developed in-house crash deduplication and reduction systems for large-scale vulnerability discovery
  • Implemented distributed fuzzing across multiple isolated network segments for security containment
  • Created automated crash analysis pipelines processing thousands of unique crashes daily
  • Designed high-throughput testing environments with custom hardware configurations optimized for continuous fuzzing operations
  • Advanced fuzzing methodologies, vulnerability discovery, exploit development

Recent Personal Research:

  • WebKit security research project targeting iOS Safari and graphics processing vulnerabilities
  • Systematic fuzzing campaign across iPhone and iPad devices using custom test case generation
  • Discovered and analyzed 3,626 crashes in WebKit’s graphics rendering pipeline and WebGL shader processing
  • Developed automated crash classification and reproduction framework for iOS security research

Military Service: Unit 81, Israeli Defense Forces - specialized cybersecurity and intelligence operations with focus on advanced persistent threats and security analysis.

Infrastructure Stack:
Languages & Core: Go, TypeScript, C/C++, Java, Node.js, Bun, Python
Databases: PostgreSQL, TimescaleDB, Redis, MongoDB, Prisma
Message Queues & Streaming: Apache Kafka
Frontend: React, Next.js, Tailwind CSS, Radix UI, Material-UI, Recharts, Chart.js, SWR
Backend Frameworks: Fiber (GoFiber), Fastify, Drizzle ORM, GORM
DevOps & Infrastructure: Docker, Kubernetes/GKE, Terraform, Helm, Nginx, Traefik
Cloud Platforms: Google Cloud Platform, AWS
Blockchain: Cosmos SDK, CometBFT, Ethers.js, WalletConnect, MetaMask
Monitoring & Observability: Prometheus, Grafana, New Relic
Development Tools: Git, SVN, Jest, Playwright, ESLint, Prettier, Vite, Webpack, Nx monorepo, pnpm
Protocols & APIs: WebSockets, gRPC, JWT
Systems: Linux kernel drivers, LLVM instrumentation, AddressSanitizer
Mobile: iOS app development
Financial Systems: trading bots, aggregation systems
Fuzzing & Security Tools: Python, C/C++, Assembly (x86/ARM), AFL++, honggfuzz, LibFuzzer, LLVM SanitizerCoverage, QEMU user-mode emulation, GDB/LLDB, IDA Pro, Ghidra, Frida, AddressSanitizer, MemorySanitizer, ThreadSanitizer, UBSan, KASAN, Syzkaller, Linux kernel drivers, Windows kernel debugging (WinDbg, Kernel debugging), virtualization (VMware, QEMU), Windows internals, Linux kernel internals