Getting started in security research - Kevin Backhouse

Computer security is an unusual field. Many of the most accomplished security researchers are either self-taught or did not come from a formal computer science background. For example, two of the most talented security researchers Kevin knows studied journalism in college. His own path into computer security was more conventional: he studied mathematics and computer science and then worked as a developer for 15 years. But he never expected to become a professional hacker— and his career transition into security was mostly an accident. So how do you get started in security research? There are many paths in, and security is a big field. In this talk, Kevin will give you the specific point of view of a former developer, and will focus on the secure code field. He will cover some of the techniques that he uses: code auditing, CodeQL, and fuzzing. He will also briefly discuss the different mindsets of a security researcher, compared to a developer.

Join Today
Students leading the way: Campus Experts - Juan Pablo Flores
▶︎

Students leading the way: Campus Experts - Juan Pablo Flores

Reverse Engineering for Beginners: How to Perform Static Analysis on any Piece of Software
▶︎

Reverse Engineering for Beginners: How to Perform Static Analysis on any Piece of Software

Finding Bugs: 42 Tips from 4 Security Researchers | Desmond, Joran, Nat, 0xRajeev - DSS 101 2024
▶︎

Finding Bugs: 42 Tips from 4 Security Researchers | Desmond, Joran, Nat, 0xRajeev - DSS 101 2024

trust_90: NSO Group Hacker turned Web3 Security Researcher
▶︎

trust_90: NSO Group Hacker turned Web3 Security Researcher

Fraud & Deception in Science | Elisabeth Bik, PhD
▶︎

Fraud & Deception in Science | Elisabeth Bik, PhD

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro
▶︎

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro

Casey Muratori – The Big OOPs: Anatomy of a Thirty-five-year Mistake – BSC 2025
▶︎

Casey Muratori – The Big OOPs: Anatomy of a Thirty-five-year Mistake – BSC 2025

Off-by-One 2024 Day 1 - Keynote : Breaking Into Vulnerability Research: Dr Silvio Cesare - InfoSect
▶︎

Off-by-One 2024 Day 1 - Keynote : Breaking Into Vulnerability Research: Dr Silvio Cesare - InfoSect

The Biggest Lies in Cybersecurity
▶︎

The Biggest Lies in Cybersecurity

35C3 - From Zero to Zero Day
▶︎

35C3 - From Zero to Zero Day

How to Vet a Security Researcher's Credibility With These 6 Rules
▶︎

How to Vet a Security Researcher's Credibility With These 6 Rules

USENIX Enigma 2016 - What Makes Software Exploitation Hard?
▶︎

USENIX Enigma 2016 - What Makes Software Exploitation Hard?

Cyberattacks, data encryption, extortion - How cybercriminals operate | DW Documentary
▶︎

Cyberattacks, data encryption, extortion - How cybercriminals operate | DW Documentary

The Insane Genius of a Formula 1 Gearbox
▶︎

The Insane Genius of a Formula 1 Gearbox

NOC-umentary: Inside the Black Hat NOC
▶︎

NOC-umentary: Inside the Black Hat NOC

I Found 8 CVEs in 2 Weeks (And You Can Too!)
▶︎

I Found 8 CVEs in 2 Weeks (And You Can Too!)

#57 - A chat about security research with John Hammond, Principal Security Researcher at Huntress
▶︎

#57 - A chat about security research with John Hammond, Principal Security Researcher at Huntress

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox
▶︎

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox

Vulnerability research as a lifestyle - Faraz
▶︎

Vulnerability research as a lifestyle - Faraz

How To Become A Smart Contract Auditor With Patrick Collins & Crypto Jobs List
▶︎

How To Become A Smart Contract Auditor With Patrick Collins & Crypto Jobs List