The power of guardrails: How to slash your risk of XSS in half

Presented at BSidesSF 2022 Rescheduled, June 5, 2022, 11:35 a.m. (25 minutes)

Why do the same security bugs, the ones we all know from the OWASP Top 10, keep popping up? We believe the future of security lies in eliminating vulnerabilities by using secure code defaults, and we present a study showing that secure defaults can significantly raise a company’s security bar.
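The "guardrail" idea in the abstract, applied to XSS, as an added example that is not code from the talk or from r2c: a rendering helper that escapes every value by default, so the only way to emit raw HTML is to wrap it in an explicit marker type. The marker and the insecure helper are the opt-out sites, and the small scanner at the end shows why that matters: a secure default turns "find every unescaped output" into "find the few places that asked to bypass escaping". The names (`render`, `render_unsafe`, `TrustedHtml`, `find_opt_outs`) and the sample payload are assumptions constructed for this example.

```python
"""Added example (not from the talk): an XSS guardrail as a secure-by-default
render API, using only the Python standard library."""
from __future__ import annotations

import html
from dataclasses import dataclass


@dataclass(frozen=True)
class TrustedHtml:
    """Marker for HTML the developer vouches for (hypothetical name).
    Constructing one is the only way to bypass escaping, which makes each
    risky call site explicit, greppable and reviewable."""
    value: str


def render_unsafe(template: str, **values: str) -> str:
    """The insecure default many code bases start from: plain string
    interpolation, so any value is injected into the HTML verbatim."""
    return template.format(**values)


def render(template: str, **values) -> str:
    """The secure default: every value is HTML-escaped (including quotes, so
    attribute contexts are covered) unless it is wrapped in TrustedHtml."""
    escaped = {}
    for name, value in values.items():
        if isinstance(value, TrustedHtml):
            escaped[name] = value.value
        else:
            escaped[name] = html.escape(str(value), quote=True)
    return template.format(**escaped)


# Constructed sample input: a typical reflected-XSS probe in a "name" parameter.
PAYLOAD = "<script>alert(1)</script>"
TEMPLATE = "<p>Hello, {name}!</p>"


def demo() -> tuple[str, str]:
    """Render the same payload through the unsafe and the guarded helper."""
    return render_unsafe(TEMPLATE, name=PAYLOAD), render(TEMPLATE, name=PAYLOAD)


# The opt-out surface a static-analysis rule would look for. Because escaping
# is the default, these two call shapes are the whole review scope for XSS.
OPT_OUT_MARKERS = ("render_unsafe(", "TrustedHtml(")


def find_opt_outs(source: str) -> list[tuple[int, str]]:
    """Return (line number, stripped line) for every call that bypasses the
    secure default in the given source text. A deliberately simple textual
    check; a real rule would match the AST instead of substrings."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        if any(marker in line for marker in OPT_OUT_MARKERS):
            hits.append((lineno, line.strip()))
    return hits


if __name__ == "__main__":
    unsafe, safe = demo()
    print("unsafe:", unsafe)
    print("safe:  ", safe)
    sample_source = (
        "greeting = render(TEMPLATE, name=user_name)\n"
        "legacy = render_unsafe(TEMPLATE, name=user_name)\n"
        "widget = render('{w}', w=TrustedHtml(load_widget_html()))\n"
    )
    for lineno, line in find_opt_outs(sample_source):
        print(f"review: line {lineno}: {line}")
```

Note what changes with the default flipped: with `render_unsafe`, every call site is a potential XSS and has to be audited; with `render`, only lines that mention `TrustedHtml(` or `render_unsafe(` can introduce one, which is a far smaller surface for a reviewer or a static-analysis rule to cover.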


Presenters:

  • Grayson Hardaway - r2c
    Grayson Hardaway is a security researcher at r2c, a startup working on static analysis tools purpose-built for the modern workflow. At r2c, Grayson authors static analysis rules tailored to finding security vulnerabilities in open source code. Previously, Grayson worked for the US Department of Defense fuzzing and exploiting obscure protocols. When not submitting patches, Grayson is hefting a heavy pack uphill, crafting guitar solos, or learning something new: currently woodworking.
  • Colleen Dai - r2c
    Colleen Dai is a security software engineer at r2c, a startup building static analysis tools that focus on precision and on being custom-fit to the user. At r2c, Colleen has worked on language parsing and AST matching. She also writes rules and performs research to find security vulnerabilities in open source code. Colleen recently received her B.S. in Computer Science and M.S. in Statistics from Stanford. She regularly enjoys Brazilian Jiu-Jitsu, drawing, and trying (and failing) not to eat everything in her fridge.
