Martin Haunschmid
Martin was a long-time developer, before one of his websites got hacked. This way, he realized you can earn money (officially, of course, and always with a permission to attack) doing something he now considers the best job there is. Nowadays he's mostly doing Application Security in the form of black-box web-app penetration tests and source code reviews via his company Adversary GmbH.
Other than that, he tries to communicate his fascination with the industry to not-so-technical folk by producing the "Hacks of the Week" and sometimes does talks.
Sessions
Source code review is a skill which complements the black-box toolset perfectly. In this talk, we'll go over the basics of source code review, sources and sinks, some pitfalls and learnings I had from doing (way too) many reviews. Then, we'll have a few challenges: Can you spot the vulnerability of famous CVEs in the source code? Featuring Ivanti, JetBrains and GitLab!