
Details

Hello Everyone,

For this quarter's OWASP Croatia meetup, we have 2 topics that will be delivered virtually (over Google Meet):

  • Duncan Townsend: Hacks Averted - Large-value DeFi hacks that didn't happen due to responsible disclosure from whitehat hackers
  • Dinko Korunić: Web application security using HAProxy
  • Chill and Chat - Stay a while and chat with others from OWASP Croatia

Note that the first talk will be in English and the second talk will be in Croatian.

See you!

Talk abstracts and bios follow:

Title: Hacks Averted
Large-value DeFi hacks that didn't happen due to responsible
disclosure from whitehat hackers

Summary:
DeFi hacks are becoming more numerous and sophisticated. Responsible
disclosure by whitehat hackers is the last bastion of defense against
these hacks. We will review several smart contracts that were
the subject of responsible disclosures. After a conversation with the
audience about the vulnerability, we will examine the technical
details of the bug. We will consider the root causes of the
vulnerability and discuss practices the project could have adopted in
order to avoid this class of bugs in the future.

Bio:
Duncan Townsend, CTO
Duncan has a background as a Machine Learning and Security Engineer. After
completing an S.B. and M.Eng. in AI at MIT, he worked at a series
of pure-tech startups before co-founding his own at Immunefi. While at
MIT, in 2010, he started hacking on cryptocurrency projects. Other
past projects have included direct image-to-trajectory deep neural
nets, zero-knowledge homomorphic encryption chat routing, formally
verified encrypted chat, and a high-performance regular expression
compiler. At Immunefi, he is tapping into his expertise not only in
software security best practices, but also in physical security,
operational security, and encryption.
