On the latest episode of Security Nation, we’re joined by Daniel Crowley, IBM X-Force Red’s Research Director — aka Global Research Baron (a title that delights Jen Ellis’s British sensibilities). Daniel tells Jen and Tod all about his team’s security research internship program, which gets undergrad and grad students involved in pentesting and other forms of research in real-world environments through a series of bootcamps. He also divulges some research project ideas for those looking to uncover vulnerabilities in hidden places — including your calendar invites.
Stick around for the Rapid Rundown, where Jen and Tod talk about DEF CON highlights, the Cyber Symposium non-findings, and — you guessed it — ransomware.
Daniel Crowley
Daniel is the primary author of the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool. In the security industry since 2004, he is a frequent speaker at conferences like Black Hat, DEF CON, Shmoocon and SOURCE. Daniel also holds the noble title of Baron in the Principality of Sealand.
Show notes
Interview Links:
The original Watchfire paper on HTTP Request Smuggling from 2005HTTP request smuggling reborn by James KettleHTTP/2 Request Smuggling from DEF CON 2021Free TCP/IP bugsFree ICS bugsSnyk's Zip Slip researchRapid Rundown Links:
All the DEF CON videos security nation daniel crowley running cybersecurity internship
