Our Keynote Speaker Announced

By Punkcoder on Friday, Apr 28, 2023


Boulder, CO - BSides Boulder, the premier community-driven cyber security conference in Boulder, is thrilled to announce Joshua Friedman, Founder at Preaxiom, as the keynote speaker for our 4th annual event. The conference will take place on June 23rd, 2023 and will once again be held on the CU Boulder campus.

Josh Friedman is a software security researcher with a focus on operating system bugs. With over twelve years of experience supporting US government missions as a defense contractor, Friedman brings a wealth of knowledge and experience to the BSides Boulder community. He is the founder of Preaxiom, where he continues to provide security insight into core internet software components.

The keynote position is something that we are always excited about, and this year is no different. We had a lot of submissions for talks and we really feel that we have a great opener for this years. It’s with a great honor that we have Josh this year to talk about bug hunting and presenting his talk:

Demystifying Bug Hunting

Analyzing software for security vulnerabilities can seem like an impossible task, especially as an individual. This talk will cover the honest details of how bugs are found including mindset, helpful background knowledge, tactics, and hard won truths about the process from over a decade of practice.

The auditing of a mature, well defended software package will require a substantially different approach from one that gets little attention from the security community. An example process for both cases will be discussed along with code reading and a few reverse engineering tips.

Bugs can still be found within competently defended products which have a mature CI pipeline with automated and manual security auditing. Program analysis via graphs with CodeQL, symbolic execution engines like Angr, traditional data fuzzers like AFL, and static analyzers integrated into compilers raise the bar but still leave security blind spots due to limitations of each approach. These limitations will be briefly discussed and hopefully show that the door on our software ecosystem is still ajar.

To learn more about Joshua Friedman and Preaxiom, please visit [website link]. For more information about BSides Boulder and to register for the event, please visit https://bsidesboulder.org/.

About BSides Boulder:

BSides Boulder is a community-driven cyber security conference that provides an open platform for the exchange of information and ideas. The event brings together industry experts, students, and enthusiasts to share knowledge and network in a relaxed, friendly environment.

Contact: info@bsidesboulder.org ###

We would like to thank the following people: Best Boy => Still Wills Cat (234-55-2987) Lead Pew-Pew-er => Will Shand (345-26-7645)