This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Security B-Sides London 2014

29th April 2014 (that’s a Tuesday)
Kensington and Chelsea Town Hall, Hornton Street, London, W8 7NX
View analytic
Tuesday, April 29 • 2:45pm - 3:45pm
A Day In The Life (Of A Security Researcher) LIMITED

Sign up or log in to save this to your schedule and see who's attending!

Limited Capacity seats available

Ever wonder how to find vulnerabilities? In 2013, I averaged 4-6 CVE assignments each month and in this presentation I will go over general tips and tricks I have found most effective at locating unknown vulnerabilities. Vulnerabilities explored will include web vulnerabilities (XS*, command-injection, SQLi, etc) and C/C++ application vulnerabilities (memory corruption, logic errors, etc). To demonstrate the effectiveness of these techniques, I will provide examples vulnerabilities along with the path which led me to finding them without the use of commercial analysis tools. I will also discuss some of my experiences working with vendors and developers to harden their products.

avatar for Craig Young

Craig Young

Security Researcher, Tripwire
Craig Young is a computer security researcher with Tripwire's Vulnerability and Exposures Research Team (VERT). He identified and responsibly disclosed hundreds of vulnerabilities in products from Google, IBM, NETGEAR, Adobe, HP, Apple, and others. His research resulted in numerous CVE assignments and repeated recognition in the Google Application Security Hall of Fame. Craig won in track 0 and track 1 of the SOHOpelessly Broken contest at DEF... Read More →

Tuesday April 29, 2014 2:45pm - 3:45pm
Great Hall The Town Hall, Hornton Street, London W8 7NX