Tom Palarz

Tom Palarz is a Principal Security Researcher at Veracode. His primary research focus is on static analysis of languages and frameworks. He also has a bit of a knack for embedded systems and low-level tech. Prior to joining Veracode, he spent several years building software and then several years breaking it. In his current role, he is helping developers and security folks alike build more secure software.
Posts by Tom Palarz

Vegas Cons 2016 Wrap Up

August 18, 2016  | Research

In my earlier post, I gave my thoughts on what the trends were so far part way through the set of conferences last week (BSidesLV, Blackhat, and DefCon24). In this post, I wrap up my thoughts for the week’s conferences. There were several great talks I missed at BSides this year. Two in particular were ones I’m bummed I missed: one on FOIA requests [http://sched.co/7a8k] (given...

Crypto Fun at Black Hat 2016

August 9, 2016  | Research

This year’s Black Hat Briefings included many outstanding talks; being a bit of a crypto geek, the one that particularly piqued my interest was the practical forgery attack on the Galois/Counter Mode (GCM) mode of operation: Nonce Disrespect (slides [pdf], paper [pdf], example code). GCM is an authenticated encryption mode where authentication and ciphering are done in one pass across a...

DEF CON 24: Day One

August 8, 2016  | Research

DEF CON is at a new venue since my last visit (two years ago), and I have to give props to the conference staff for all the hard work they’ve put in. Lines to get to talks and villages are still as incredibly long as ever, and make it hard to justify the time spent waiting and missing out on something else. Some trends I’m noticing so far: The car hacking industry is maturing a bit with...
