About us

What is TunaSec?

TunaSec is a group of people who deal with IT security and see the purpose of educating people in this area. The closest team consists of five people, but we work with a number of experts and enthusiasts who share values ​​with us. Our goal is to provide the basics of IT security to a broader range of people working with sensitive data. We have years of experience in education and we know what is best for effective learning. We operate primarily in Brno and Prague.

Filip Holec

Filip is the project leader of the non-profit company TunaSec and organizes meetups of the Brno community. He founded the company ENGETO, where he works as a technical leader and product manager and focuses on the direction of the company. In the past, he worked as a tester at Red Hat on Linux distributions and obtained several Red Hat certificates.

He graduated from FIT VUT in Brno and spends his free time with self-education and organizing events and hackathons. Hacking is an important part of his life from various perspectives - for example in business, biohacking, IT security or physical security (lockpicking).

Martin Žember

Martin has been working in the field of IT security for more than 12 years and currently works as a contractor in the field of red teaming, penetration testing, vulnerability analysis, malware, physical systems security and, last but not least, programming. He enjoys participating in competitions in the Czech Republic and around the world. In the spring of 2019, he won the Conference Security hacking competition, which has a long tradition among conferences in the Czech Republic.

Martin is also a Red Hat Cerified Sysadmin and uses his knowledge of Linux in his daily life. He also taught Linux at Charles University. He regularly lectures at conferences on IT security - recently at Information Security meetups under the auspices of OWASP, but also at the DefCamp hacker conference in Bucharest.

In addition to IT security, he deals with physical security - opening locks (lockpicking). As part of the red team tasks, he often found himself in a secure area and proved his knowledge at the Czech Lockpicking Championship, where he placed himself in the Top 5 in the Czech Republic.

He is a lecturer of the Ethical Hacking course in the ENGETO Academy for Prague and Brno.

Petr Skyva

Petr is an expert in reverse engineering and forensic analysis of applications and binaries. He works at Cleverlance as a systems engineer specializing in cryptographic certificates, Apache Tomcat and Java. His work overlaps with DevOps, where he specializes in the Kubernetes technology. He also works as a consultant for smaller companies in the field of security.

He studied FIT VUT in Brno and is also a magic trick performer.

Ján Masarik

Ján Masarik specializes in web application security and often uses attack vectors such as SSRF and HTTP request smuggling. He was in charge of the security at Kiwi.com before joining the Facebook security team. Via bug bounty programs, he reported dozens of security vulnerabilities to other companies, and his diploma thesis on the automation of bug bounty systems at FI MUNI also received an award from the dean of the faculty.

Among other things, he is one of the leaders of the OWASP Czech Chapter and the organizer of OWASP conferences in Brno.

Kamil Vávra

Kamil has been involved in ethical hacking since he was 15, when he first learned about XSS and SQL. Since then, he has reported weaknesses in the security of companies' systems around the world. He currently works as an application security engineer in a large Brno company.

He is interested in offensive security, bug testing and web application penetration testing. In his spare time, he reads books on IT security.


We started meeting more intensively at the beginning of 2018, primarily to participate in the so-called CTF (Capture The Flag) events, where we compete with other teams to solve various non-trivial challenges in the field of IT Security.

We have participated in a number of conferences, have had lectures and since 2019, we have been organizing several events for IT security enthusiasts in Brno. Now we want to help people who do not have knowledge of IT security.

In 2019, we placed in the TOP 50 security teams in the world in the prestigious Google CTF competition.


Our certifications cover different areas from system administration to offensive security. Namely, the RHCSA and RHCE certificates represent the system administration and OSCP demonstrates the practical knowledge of penetration testing, as well as Burp Suite Certified Practitioner.

People from the wider TunaSec community have other IT security certifications, such as CISSP, CEH, CISA.

OSCPBurp Suite Certified PractitionerRed Hat Certified System AdministratorRed Hat Certified EngineerGoogle Cloud CertificationGoogle Cloud Certification
TunaSec z.s.
Koliště 1965/13a, Černá Pole, 602 00 Brno
Phone  +420 774 071 231
Envelope  info@tunasec.com