Hassan El Hadary

Hassan is an expert in application security. He has performed application security assessments, secure code reviews and penetration tests for security-critical applications and is an active security researcher in bug bounty programs. He's been acknowledged and rewarded by several vendors for bug bounties such as Google, Apple, Facebook, Twitter, PayPal, eBay, AT&T Top 10, Yahoo, Oracle, GiftCards, Etsy, Groupon, Cisco Meraki and Olark. With this amazing basis, he's gone on the author SANS course SEC552: Bug Bounties and Responsible Disclosure.

Hassan publishes vulnerabilities on his blog http://hassanhadary.blogspot.com.eg/.

More About Hassan

Profile

Hassan began his career as a programmer developing enterprise software systems, during which he developed his passion for Information Security. He received his Master's degree in Computer Science from the American University in Cairo with a thesis in the field of Secure Software Engineering and went on to lead an application security team, performing security assessments and penetration tests for security critical applications. During this time he also published the article, Capturing Security Requirements for Software Systems.

Hassan has since become a security consultant and active security researcher in bug bounty programs. He was acknowledged and rewarded by several vendors including Google, Apple, Facebook, Twitter, PayPal, eBay, AT&T Top 10, Yahoo, Oracle, GiftCards, Etsy, Groupon, Cisco Meraki and Olark. He says "I chose the field of application security because every application has unique logic and business rules, which makes it challenging and tricky to discover and fix security bugs."

In 2012, Hassan began teaching for SANS Institute. "Challenges and real life stories are the keys for deeply understanding techniques and ideas." He goes on to explain, "The goal is to practice catching and fixing unique tricky security bugs in modern complex applications." Hassan teaches SEC542: Web App Penetration Testing and Ethical Hacking and is the course author of SEC552: Bug Bounties and Responsible Disclosure.

Hassan has spoken at several events such as SANS Tysons, SANS Pen Test Berlin, US - Egypt Cyber Security Workshop, Middle East Info Security Summit, ADPoly Cyber Security Bootcamp, OWASP Cairo Chapter, CSCAMP and SKLABS.

ADDITIONAL CONTRIBUTIONS BY HASSAN EL HADARY:

WEBCASTS

Hunting Logic Attacks - A Peak at SEC552: Bug Bounties & Responsible Disclosure, August 2020