Finding Bugs: 42 Tips from 4 Security Researchers
11-13, 09:45–11:15 (Asia/Bangkok), Classroom B

Billions of dollars are at risk, and protocols spend millions on security through audits and bug bounties. Have you ever wondered how you can become a top security researcher securing these billions?

In this workshop, 4 recognized security researchers share their experiences on smart contract security with practical tools & techniques to find & report vulnerabilities. Security researchers, even aspirational ones, can take away some key advice to improve their smart contract security skills.

Rajeev is a security researcher and the founder of Secureum & TrustX. Having spent ~25 years doing security research, he dedicates his time to scaling Ethereum security by collaborating with leading initiatives in this ecosystem.

This speaker also appears in:

Joran has worked on various aspects of smart contract security. He’s built and worked on lots of security and dev tools including mythril, vertigo and tree-sitter-solidity. This is also his primary focus at Consensys Diligence, where he collaborates with other researchers in building an effective security tool stack. Not just sticking to tools, Joran is an active and successful bounty hunter.

Nat is an independent security researcher with 4+ years of security experience and 3 years of development experience. She currently specializes in manual smart contract review, invariant analysis and invariant development. She frequently hosts workshops on property testing at conferences and enjoys climbing in her spare time. Nat is the author of solc-select and a former senior security engineer at Trail of Bits.

Security researchers with +5 years dedicated to smart contract security. Co-founder of The Red Guild, a security & education team working for the public benefit of the Ethereum ecosystem. Creator of Damn Vulnerable DeFi. Former lead security auditor at OpenZeppelin.

This speaker also appears in: