Matthew Szymanski

Matthew Szymanski

Matthew Szymanski is a Senior Security Engineer specializing in Offensive Application Pentesting. Passionate about AppSec, he leverages over a decade of experience as a programmer to discover and help remediate vulnerabilities. He has developed and taught secure coding workshops, mentored Jr Security Engineers and Developers as well as presented at Security Conferences.

Montreal 2020 sessions

How Hackers Attack GraphQL and What You Can Do About It

English session - Intermediate

As GraphQL is set to overtake RESTful architectures. This newfound popularity also draws the attention of hackers. Well-known companies have suffered from critical vulnerabilities hidden within GraphQL endpoints. I will show you what GraphQL looks like from a hacker's perspective and walk you through typical attacks against this technology. We will wrap up by discussing ways developers can protect their API from these threats.

Identify Vulnerabilities Within Your SDLC on a Budget

English session - Intermediate

As your code moves along the development and deployment pipeline, it becomes increasingly expensive to remediate security vulnerabilities. We will walk through each stage of this journey to introduce low cost and open source solutions to help you identify security issues before they are exposed to hackers. I will teach you how to use hacker tools to hack yourself first and protect yourself from breaches, on a budget.