Mehdi Karimi, Ph. D.

Director of Cyber Security

dotCMS

Mehdi leads dotCMS's security team. He holds a PhD, specializing in cybersecurity, from the University of British Columbia. He is also the holder of two patents, including one in AI Fuzzig. His Google Scholar page shows he has well over 300 citations. One of his papers is the best paper awardee at the top-tier DSN conference. At dotCMS, Mehdi mainly leads compliance drills across SOC 2, ISO/IEC 27001, ISO/IEC 42001, TX-RAMP, NIST 800-53, and CSF 2.0. He addresses customer questionnaires and helps fix vulnerabilities from time to time, utilizing vibe-coding! Mehdi has 20 years of experience in the high-tech industry and has led multifaceted security programs. Mehdi's contribution to AI security and supply chain protection is phenomenal. Mehdi's favorite sport is soccer as a veteran midfielder, and now he usually swims and skis seasonally.

Articles by this author

29 Oct 25
AI in CMS
Turning AI-Driven Cyber Risk into Action for CMS Market Leaders
Learn best practices for data integrity, AI governance, executive metrics, and building organizational resilience with dotCMS. Stay ahead of threats and enhance digital trust in your content management system.
28 Jul 25
Intranet Security Best Practices
This article covers some of the most common threats to an intranet and the best practices for securing your company's intranet from cyberattacks.
24 Apr 25
Product
The 5 CMS Security Vulnerabilities Most Teams Miss
Understand why dotCMS is a trusted choice for securing critical infrastructure in banking, healthcare, and government sectors with industry-leading practices and real-time monitoring.
2 Oct 24
Content Management
Stability and Security: How the WordPress Licensing Dispute is Impacting Enterprise CMS
Recent events in the content management space, including WordPress's licensing disputes, have highlighted the critical need for stability in enterprise CMS platforms.
8 Jul 24
Product
dotCMS Recommendation and Response to the Polyfill.io Supply Chain Attack
In this article, dotCMS provides our investigation into the Pollyfill.io supply chain attack and a responsible recommendation to our valued customers.
1 May 24
Content Management
Security Headers Best Practices
Implementing a Content Security Policy and Permission Policy is more straightforward than people might think, and there are many resources available to guide developers through the process.
12 Oct 23
Content Management
Culture and Communication: The Cornerstones of Robust Security
Discover the pivotal role of culture and communication in building an impenetrable shield against cyber threats, and explore real-world insights from dotCMS on infusing security into every layer of your organization.
25 Jul 23
Business
Safeguarding Your Content: The Importance of Security in CMS
Content Management Systems (CMS) are an essential tool to manage and deliver content. However, as cyber threats continue to evolve, the need for dependable security measures within CMS platforms has become paramount.
7 Mar 23
Content Management
How the Latest WordPress Security Issue Is Impacting Enterprises
The latest WordPress security issue has sparked many questions around the security of the CMS platform as well as the websites that have chosen to rely on it. At dotCMS, we’re committed to providing the highest level of security for our CMS platform and customer sites.