The Department of Computer Engineering (DEI) of the “Instituto Superior de Engenharia do Porto” (ISEP), in collaboration with the Master’s in Computer Engineering (MEI), invites you to attend the lecture “From Theory to Practice - Navigating the Challenges of Vulnerability Research”, which will take place on November 21st, at 6 p.m., in room B301.
Abstract
Transitioning from theoretical knowledge to practice in web security often presents extra challenges. Real-world scenarios introduce complexities such as bad character filters and Web Application Firewalls (WAFs), requiring the researcher to investigate ways to bypass these restrictions.
Some of our learnings:
- Drawing from collaborative efforts and senior industry research becomes pivotal.
- Embracing failure as a learning experience is fundamental.
- Learn more about how ethical security research faces legal hurdles in countries like Portugal, hindering progress and discouraging potential researchers.

Navigating this bridge from theory to practice in web security requires technical prowess and resilience.
Bio
Raphael Silva is an AppSec Analyst at Checkmarx. He has participated in public speaking and public-facing activities, notably a Code Review workshop at AppSec Village at DEFCON30 and talks about Artificial Intelligence and AppSec. Over the years, Raphael has found multiple vulnerabilities in open-source products and is constantly looking for ways to expand his knowledge in the field, whether it's sharpening his technical skills by reading innovative research, participating in CTFs, engaging in bug bounty or obtaining certifications. He is eWPTXv2 certified and is currently enrolled in OSCP.
Organization
This lecture is organized by QTDEI in collaboration with the Master’s in Informatics Engineering (MEI) of the “Instituto Superior de Engenharia do Porto” (ISEP).
