Press "Enter" to skip to content

Javan Rasokat Posts

The Ticking Time Bomb: When Features Turn into Unexpected Vulnerabilities

These vulnerabilities have a common characteristic: they are inherent features of programming languages or libraries. However, it took a considerable amount of time for them to be recognized as attack vectors and actual vulnerabilities. The existence of these vulnerabilities, previously unknown until their public disclosure, resulted in a substantial and previously unidentified attack surface for malicious actors. This discovery had…

Leave a Comment

Unleashing the Power of GitHub Copilot: A Critical Review of Its Impact on Secure Coding

Today I developed a python tool to automate some processes in our vulnerability management. For this task I decided to use GitHub Copilot. Mostly by using code comments (#, //) Copilot wrote the code for me, so I did not have to care much about syntax or function names, which I keep forgetting when I am not coding in Python…

Leave a Comment

Privacy Engineering: The Missing Piece in Application Security and AI

In today’s digital age, data has become a valuable asset for organizations, and it is collected, processed, and stored at an unprecedented rate. This data contains sensitive personal information that should be kept private, and if not handled with care, can cause severe consequences for individuals and organizations. As a result, privacy engineering has emerged as a crucial discipline that…

Leave a Comment

Recap of OWASP AppSec conference

Last month I attended the OWASP Global AppSec conference in San Francisco. The OWASP conference focuses exclusively on application security, and that’s what I liked about it. The people I met there have the same job description as me: we support software development teams in securing the software development lifecycle and we help to deliver secure products for our customers.…

Leave a Comment

My talk at Ekoparty security conference

I just finished my talk at Ekoparty Security Conference Maintrack. It’s day 2 of three and the conference is just a blast. It is such a great selection of presentations and I am looking forward to the new connections I’ve made! Ya est√° disponible la charla de @javanrasokat: "A race against time" ‚Ė∂ÔłŹ https://t.co/dI6OoMwleO#MainTrackTalk #EKO2022 pic.twitter.com/GjmTqrWda2 — Ekoparty | Hacking…

Leave a Comment

Software Quality Engineering Vorlesung am DHBW CAS

Mit gro√üer Freude durfte ich vergangenen Samstag Prof. Dr. Katja Wengler bei der Mastervorlesung “Software Quality Engineering” am DHBW Center for Advanced Studies (CAS) unterst√ľtzten. Das Modul “Software Quality Engineering” besch√§ftigt sich mit der Analyse von Softwaresystemen und deren Optimierung. Was ist Softwarequalit√§t, wie kann Softwarequalit√§t bewertet oder verbessert werden? Je nach Vorkenntnissen der Teilnehmer werden Themen wie Refactoring, Clean…

Leave a Comment

My upcoming talks at #Eko2022 and #GlobalAppSecSanFran

I am already very excited that I will be giving a talk at Ekoparty security conference 2022 in Buenos Aires. #Eko2022 My talk outline: https://ekoparty.org/en_US/eko2022/main-track-talks-a-race-against-time-javan-rasokat Get your tickets here: https://ekoparty.org (free) #GlobalAppSecSanFran I am also looking forward to be part of the OWASP Global AppSec in San Francisco. My talk is on the last day of the conference. Check out…

Leave a Comment

My keynote on “beekeeping and technology” at PLCnext Technology Community Summit

Beekeeping is a fantastic hobby, which I have been doing for over 8 years. I never thought I would get to combine the technical world of sensors and automation in one talk from a beekeeper’s perspective. But it gave me great pleasure to give my keynote on beekeeping and technology at PLCnext Technology Community Summit. With my contribution to this…

Leave a Comment

My talk on “Exploiting Race Condition Vulnerabilities in Web Applications” at #HITB2022SIN conference

I was very pleased to give my presentation on race condition vulnerabilities in web applications at this year’s HITB conference in Singapore. The talks with the participants, the other presentations, the organisation, everything was very well done and I was able to exchange ideas with the security community in Singapore and internationally.The people, the city and the food are amazing.Many…

Leave a Comment

Secure Coding Vorlesung an der Hochschule

Mit dem Thema Informationssicherheit und der sicheren Softwareentwicklung kann man nicht fr√ľh genug beginnen. Deshalb ist in diesem Sommersemester 2021 an der DHBW Karlsruhe im Studiengang Wirtschaftsinformatik ein Teil des Studiums das Secure Coding. Als Ent¬≠wick¬≠ler von Weban¬≠wen¬≠dun¬≠gen ist man heu¬≠te mit viel¬≠f√§l¬≠ti¬≠gen Ge¬≠fah¬≠ren¬≠po¬≠ten¬≠tia¬≠len kon¬≠fron¬≠tiert. Die Be¬≠dro¬≠hun¬≠gen zu ken¬≠nen, Fall¬≠stri¬≠cke zu ver¬≠mei¬≠den und mit den rich¬≠ti¬≠gen Ma√ü¬≠nah¬≠men ent¬≠ge¬≠gen¬≠zu¬≠wir¬≠ken ge¬≠h√∂rt zwei¬≠fel¬≠los…

Leave a Comment