Gábor Pék from Avatao will hold a Hands-on secure software development workshop from design to deployment at BSidesBUD2018.
This workshop touches all the main phases of SDLC (i.e., design, development, code review, deployment) and gives hands-on experience for participants on how to integrate security into a given phase.
The exercises are going to be solved on the avatao platform, which provides a wide range of technologies in terms of architecture, programming languages and software stacks.
Gábor earned his M.Sc. diploma in computer science in 2011 and his Ph.D. degree in 2015 from the Budapest University of Technology and Economics, Hungary. He did research in the CrySyS Lab. together with prof. Levente Buttyán, but completed internships at iSecLab at Eurecom, France and TU Wien, Austria, too. He participated in several industrial projects (e.g., penetration testing, securing virtualization, cloud computing security) also. One of the hardware-level vulnerabilities he found (XSA-59/CVE-2013-3495) affected several Intel chipsets that enabled attacks against hypervisors such as Xen or KVM. He was one of the key members of the Duqu, Flame, Miniduke and Teamspy targeted attack investigation teams.
He founded and coordinates CrySyS Student Core since April 2013, which is an invite-only group for exceptionally talented (graduate + undergraduate) students who are interested in system security. This group gave birth to the !SpamAndHex CTF team, which became one of the top CTF teams in the world in 2 years. As a member of !SpamAndHex he is a three-times DEFCON CTF finalist, that is widely regarded as the hacker world championship.
He co-founded a spin-off called Ukatemi Technologies with some of his colleagues from the CrySyS Lab in December 2012 to mitigate current targeted attacks. He also co-founded avatao to build a cloud-based virtual lab to teach people to build secure software and systems.
Registration for workshops will start two weeks before the conference.