08-15, 14:00–14:50 (US/Eastern), Tobin
You spend your time configuring HTTP headers and hardening your containers. Meanwhile your CFO just downloaded a Chrome extension to make the font in Gmail Comic Sans. What are Chrome extensions, exactly? This talk will dive into details, including format, contents, static analysis with custom rules, threat modeling (when does this even matter?), and some of the unique challenges of building a security scanner. A tool will be demoed that has just been released for this: CRXaminer (crxaminer.tech). You will learn how you can immediately start using it.
Mark El-Khoury started as an offensive security consultant, doing penetration testing and code and design reviews. Mark then expanded his skillset into the defensive side, leading cybersecurity at various organizations and industries, including: gaming, fintech, and biometrics. Mark is a conference speaker, holds security certifications, and was an instructor at a Columbia University cybersecurity bootcamp for over four years. Mark is now Director of Security Engineering at Movable Ink.