Security Vulnerabilities
Past Presentations
Encryption Without Magic, Risk Mngmnt Without Pain
In-depth technical inquiry about cryptography in a wider context: how it helps to narrow more significant risks to controlled attack surfaces, enables managing the risk efficiently and elegantly, how tools and algorithms sit in a broader context of managing infrastructure-wide risks associated...
How Performance Optimizations Shatter Security Boundaries
With the customers demand of high-performance computing, CPU manufacturers deploy more and more sophisticated optimizations in their processors to increase the performance as much as possible. However, these performance optimizations often come with the downside of enabling side-channel attacks...
Security Vulnerabilities Decomposition
In most companies security is driven by compliance regulations. The policies are designed to contain the CWEs each company is interested to comply with. The result of this approach is a high number of insecure applications are still produced and injection is still King. Is there another way...
Interviews
How Performance Optimizations Shatter Security Boundaries
What is the focus of your work today?
The work of our Secure Systems group at Graz University of Technology focuses on the secure and efficient implementation of (cryptographic) algorithms, security architectures as well as side-channel and fault attacks. Personally, my main focus is on microarchitectural side-channel attacks on personal computers and mobile devices. We...
Read Full InterviewSecurity Vulnerabilities Decomposition
What is the work you're doing today?
Today I work as an application security consultant at Veracode. As part of my job, I help developers and software architects to secure their software. I work with development teams and help them fix correctly the security flaws identified by automated tools, to ensure that they have been remediated in a secure manner.
Read Full Interview