PERSONAL DETAILS ---------------- Name: Silvio Cesare DOB: 14th July 1976 Nationality: Australian Email: EXPERIENCE ---------- QUALYS INC. Qualys (www.qualys.com) provides automated vulnerability assessment. QualysGuard can detect ~2000 remote vulnerabilities, on almost anything accessible via the internet. I was working on the development of the QualysGuard vulnerability scanner from 2001 - 2002. 2002: Qualys Inc. Scanner Architect. Redwood Shores, CA, USA. 2001: Qualys Technologies, SA. Security Engineer. Paris, France. Development track record at Qualys --> 1400+ references in the build history. 3500+ log entries in the CVS. 59000+ annotations in the CVS. During this time, I also reverse engineered malicious binaries in Linux for Qualys. I also (part-time), audited software, contributing patches where necessary. I have reported or patched 100+ vulnerabilities in opensource operating system kernels (see attachment). PRESENTATIONS ------------- CanSecWest: Reverse Engineering with ELF (2002). Qualys: Vulnerability Scanning Internals (2002). NETWORKING ---------- Proficient: TCP/IP, 802.3. Exposure: 802.11b. TCP/IP is the "meat" of any internet (extranet) scanner. I'm not a networking guru though :) PROGRAMMING LANGUAGES --------------------- Expert: C, shell scripting. Proficient: i386 ASM, Pascal, Fortran. Exposure: Java, C++, Prolog, SQL, Python. Forgotten: 6502 ASM, Z80 ASM, 68K ASM, BASIC. Markups: HTML, XML. DEVELOPMENT ----------- Interesting experiences instead of 'toolsets' --> + Patching the oracle binary only libraries to avoid symbol conflicts, for the Qualys scanner (oracle now sane, so long reverted). + Finding a co-workers "lost" (rm) sources using a shell script and /sbin/debugfs. + Running out of memory with 1G in Qualys scanner, then getting it to do more work in under 250M. + Having half of glibc (you name it) break randomly, mostly with linuxthreads, no workarounds, and 100+ load averages :) + Linux with a 300+ load avg, and still running the Qualys scanner (with a lot of "fixes" for everything)! EDUCATION --------- Central Queendland University (Australia) 2nd Year Maths & Computing (1994-1995) 1st Year Engineering (1996) 3rd Year Information Technology (1997-1998) ACADEMIC AWARDS --------------- Year: 1994 Awarded: Byte Center Computing Prize Organization: Central Queensland University INTERESTS: --------- Opensource :) Reverse Engineering. Forensics. Computing in general :)