Max is a Security Researcher for Semgrep and a volunteer for Pacific Hackers Association. He enjoys rsearching creative ways to keep software secure and private. He has spoken previously at Pacific Hackers Conference and RSA Conference, and also organizes the Pacific Hackers CTF as an opportunity to share hacking knowledge and experience with the community.

Presentations

22x

How To Write A Vulnerability Disclosure

For anyone that has ever had a job in vulnerability management, sifting through endless amounts of poorly written, ambiguous, misleading vulnerability advisories has never been a fun part of the job. Information is often withheld or left out, their descriptions are hard to understand, and sometimes they are unfortunately just plain wrong. For a long time, vulnerability databases like the NVD have been heralded as a single source of truth when they, like all things, are fallible. My aim is to bring attention to this problem, and to help security researchers.

See Presentation