Hey, I'm Ryan
I’m a senior software engineer on Slack's Product Security Foundations team. I like weird music, modern board games, podcasts, and oxford commas. In other news, I live in Brooklyn.
Recent posts
Training a ControlNet for Stable Diffusion generated QR Codes
Other people had cool QR codes and I wanted to be able to make them, too! The story of how we replicated their process.
Posted on:Feb 5, 2024I'm starting a blog
I'm starting a blog, because it's never been done before.
Posted on:Oct 30, 2023
Around the web
-
Catching Compromised Cookies
We developed a system to detect compromised session cookies, protecting user data from unauthorized access. The approach uses a last access timestamp mechanism to identify cookie theft and employs sophisticated techniques to reduce false positives while maintaining performance at Slack's scale.
Post published on: Slack Engineering Blog -
Canary in the Datamines: Using Log Canary to find PII
Why does sensitive data always seem to end up places it shouldn't? We won't answer that, but we will tell you how we combat the problem. Log Canary probes our product for places where PII might leak into logs, so that we can resolve the issue before real data is written. Join us as we explain the concept and lessons learned in development and deployment.
Talk given at: LocoMocoSec 2020 -
10,000 Dependencies Under the Sea
Come on our journey of creating scalable tooling and processes to automatically identify vulnerabilities in third-party libraries and handle the question of “ok we found this, who’s going to fix it?”
Talk given at: DEF CON 28: AppSec Village