Matt Runkle

Matt Runkle is a member of Veracode's Security Consulting team. He holds a B.S. in Computer Science from Worcester Polytechnic Institute and a M.S. in Cybersecurity from New York University. Matt has experience in the defense and commercial spaces, conducting application and network security research for organizations including DARPA. Prior to that, Matt worked as a software developer, both freelance and for various defense contractors. Outside of security, he facilitates leadership conferences nationally for university student groups, and takes an embarrassing number of pictures of his three dogs, Arya, Xena, and Carolina.
Posts by Matt Runkle

Anatomy of a Cross-Site Scripting Flaw in the Telerik Reporting Module

June 6, 2017  | Secure Development | Research

Telerik Reporting Cross-Site Scripting

One of the interesting aspects of working as a Veracode Application Security Consultant is seeing the wide range of code across many business sectors. On an average day, I could look at some COBOL code twice my age in the morning, and by lunch I’m exploring a large .NET MVC app, before transitioning to review a self-deploying microservices package comprised of Java, node.js, and a little PHP for... READ MORE

It's Time to Stop Blaming Developers for Insecure Software

March 3, 2017  | Secure Development

In two-plus years on the security consulting team at Veracode, and in my prior experience as a security researcher and software developer, I've heard this phrase countless times: "Developers are the biggest cause of security defects." Sure, developers are the ones actively implementing the application – but they’re not the only ones involved in creating software. Lots of... READ MORE



contact menu