Work samples
Writing
While contracting with the Google Open Source Security Team, I worked with team members to develop ideas for their blog posts. I would interview the authors, create an outline for the post and work with the authors on a series of drafts and revisions. Here are my favorite pieces:
- AI-Powered Fuzzing: Breaking the Bug Hunting Barrier
- Supply chain security for Go series
- Getting to know the Open Source Vulnerability (OSV) format
- Using the determineversion API to find C/C++ vulnerabilities
Here are a few other pieces of writing from over the years:
- Five things I knew about security, before I knew anything about security
- Django security tips
- A year-old dormant malicious remote code execution vulnerability discovered in Webmin
Speaking
- Google Cloud Next 2019: Securing Serverless by Breaking In
- JS Conf US 2019: Postmortem on the Ingen Incident
- Developing a Security Mindset: Practical Lessons for Pythonistas for PyTexas
Code
In Case of Emergency: 2020 Dev.to x Twilio Hackathon runner up