The talk will describe the age-old problem of code re-use and a community based approach to solve it. Its 2012 and everyone is still getting owned by stack smashing and SQL Injection. We are doing something about it.

Waqas Nazir

Waqas has worked as an Information Security Consultant for Fortune 50 clients where he delivered services in various arenas of information security. He has conducted numerous code reviews, black box assessments, product reviews, fuzz testing, and exploit developent. Waqas has worked with Microsoft Research (MSR) to develop code analysis tools used for identifying areas of vulnerabilities in code. He has also been featured in Microsoft s Information Security Newsletter.

Prior to DigitSec, Waqas was at Washington Mutual Bank in a team responsible for assessing security of all technology solutions being deployed at the bank. He led numerous penetration tests on a diverse range of financial systems and applications. While at Washington Mutual Bank, he incorporated security into the systems development life cycle. He was also recognized for his work at the bank and was presented with excellence awards. He is also credited with the discovery and disclosure of vulnerabilities in many products and web applications.