George-Andrei Iosif
Software Security Engineer Canonical
BIOGRAPHY
Andrei spent the previous year as a technical leader of a startup automating cybersecurity solutions and as a security engineer in the Romanian Army. After determining that the startup idea was unfeasible, he left the public sector and accepted a position at Canonical to secure Ubuntu and its open-source components. He currently focuses on software security, with his most recent important contribution being an open source cyber reasoning system capable of discovering, exploiting, and repairing vulnerabilities in ELF executables. In addition, he occasionally analyses cybersecurity papers in a section of the Ubuntu Security Podcast.
The Open Source Fortress: Finding Vulnerabilities in Your Codebase Using Open Source Tools
Regardless of where it is hosted, a codebase could end up in the hands of malicious actors. Aside from the open source scenario, attackers may utilize sophisticated techniques to access and download it. Okta’s 2022 breach, in which the source code of the identity and access management platform was obtained from GitHub, is an example. With this in mind, developers are advised to take a defensive posture, namely to uncover as many flaws in their code as possible before releasing it to the public.
This presentation will provide both theoretical and practical information about detecting vulnerabilities in codebases. The host will explain how each technique works, what open source tools are available, and then provide real examples. The latter implies the discovery of vulnerabilities in a custom, purposefully vulnerable codebase written in C and Python. Static techniques such as linting, symbolic execution, and code querying will be discussed, as will dynamic techniques such as fuzzing.
Are you the next cyber security superstar?
If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.
Other speakers joining this year
Carina Deaconu
Software Engineer Pentest-Tools.com
Remi Gascou
Senior Security Researcher Podalirius Labs
Radu Ionicioiu
Senior Researcher in Quantum Technologies IFIN-HH
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
COMPETITIONS
Sponsors & Partners
They help us make this conference possible.
POWERED BY
Orange Business is a key division of Orange Romania, specializing in providing cutting-edge communication, technology, and digital transformation solutions tailored to businesses of all sizes. With a strong emphasis on innovation, Orange Business offers a wide array of services, including high-speed connectivity, cloud computing, cybersecurity, Internet of Things (IoT), and managed services. Their mission is to support organizations in their digital transformation journey by enhancing operational efficiency, improving customer experience, and maintaining a competitive edge in a rapidly changing digital environment.
Orange Business combines deep technological expertise with a customer-centric approach, ensuring that each solution is customized to meet the specific needs of their clients. Their commitment to innovation and excellence makes them a trusted partner for businesses seeking to thrive in the digital age.