06-28, 17:30–18:30 (US/Eastern), Grand Salon
Decompilation Panel
As Vice President of Oracle's Software Assurance organisation, I lead a team of world-class security researchers and engineers whose passion lies in solving the big issues in Software Assurance. Our mission is to make application security and software assurance, at scale, a reality. We enjoy working with today's complex enterprise systems composed of millions of lines of code, variety of languages, established and new technologies, to detect vulnerabilities and attack vectors before others do. Automation is important, so are security assessments.
Cristina was the founding Director of Oracle Labs Australia in 2010, a team she led for close to 12 years. As Director of Oracle Labs Australia, I led a team of world-class Researchers and Engineers whose passion lies in solving the big issues in Program Analysis. Our team specialises in software vulnerability detection and developer productivity enhancement – in the context of real-world, commercial applications that contain millions of lines of code. My team successfully released Oracle Parfait, a static analysis tool used by thousands of C/C++/Java developers each day. Our inventions have resulted in dozens of US patents at Oracle and Sun Microsystems, and our impact on program analysis is well known through our active participation and publication record.
Cristina’s passion for tackling the big issues in the field of Program Analysis began with her doctoral work in binary decompilation at the Queensland University of Technology, which led to her being named the Mother of Decompilation for her contributions to this domain. In an interview with Richard Morris for Geek of the Week, Cristina talks about Parfait, Walkabout and her career journey in this field.
Before she joined Oracle and Sun Microsystems, Cristina held academic posts at major Australian Universities, co-edited Going Digital, a landmark book on Cybersecurity, and served on the executive committees of ACM SIGPLAN and IEEE Reverse Engineering.
Cristina continues to play an active role in the international programming language and software security communities. Where possible, she channels her interests into mentoring young programmers through the CoderDojo network and mentoring women in STEM.
Chris Wysopal is the founder and CTO at Veracode with responsibility for security research, product security and information security. Prior to joining Veracode, Chris worked as a software developer before diving into security research and security consulting. He had security research roles at several companies, including Symantec, @stake and the hacker think tank, L0pht where he was one of the original vulnerability researchers in the 1990s. He has testified on Capitol Hill in the US on the subjects of government computer security and how vulnerabilities are discovered in software. He is also the author of "The Art of Software Security Testing" published by Addison-Wesley.
Rusty Wagner is a founder of Vector 35 and the architect of Binary Ninja, a reverse engineering and static analysis platform created at Vector 35. His main focus on the product has been the creation of a series of progressively higher level intermediate representations to analyze and decompile binary code in an architecture agnostic and easily scriptable way.
He is the author of Pwn Adventure, Vector 35's series of video games designed to be hacked. These games provide a fun way for students to learn about reverse engineering techniques and security concepts.
Mr. Wagner also has over a decade of industry experience in the development of dynamic analysis tools, with a focus on emulation and hypervisor implementations of debuggers and scriptable dynamic analysis frameworks.