ISSessions 2023 – 04 – 06

Tomorrow, April 6th, will be our final meeting of the term. Join us in room J102, or online on our Discord or our YouTube.
We will begin with our News roundup as usual, then have a talk on security-based activities you can do over the summer.
Lastly, after our break, we will finish off the meeting with our special guest Samy and their discussion on How to Read Code for Security Practitioners.
We will, unfortunately, be saying goodbye to our current Exec team, but the show must go on. Please give a warm welcome to the new Exec team who will be taking over after this term.
https://www.youtube.com/@ISSessions

Agenda
7:00 Kick-Off
7:05 News
7:15 Summer Security
7:35 Break
7:40 How to Read Code for Security Practitioners – Samy

About Samy
Samy has more than a decade in infosec; he is currently Staff Product Security Engineer at Okta. Outside of work he loves learning, doing CTFs, reading RFCs, and looking at code. OSCP, OSWE, CISSP.

How to read code for security practitioners
Imagine you joined a new company and, after onboarding, you are given a huge code base to evaluate. What would you do? What’s the plan? Or you are asked to “make it secure”, find vulnerabilities in the code, or see if the code is vulnerable to a specific class of vulnerabilities. How are you going to approach it?

All resources out there teach us how to write code, but no one teaches us how to read code. We’re going to fix that in this talk.