2024

Security Days Spring 2024 東京

  • Gave a 40min presentation on principals in designing a good security strategy as a conference sponsor.
  • The session title was: CNAPP・ASM・ASPM…またバズワードが移りゆく、2024 年もなお不変の脆弱性評価・管理の勘所
  • See this page for further information

P3NFEST Conf 2024 (by IssueHunt Inc)

  • Appeared in a panel discussion about careers in product security fields.
  • See this page for further information

Flatt Securityの事業のこれから

クラウドセキュリティの脅威を整理、優先すべき対策は何なのか? ~デジタル寺田+4社が解説~

  • Gave a lightning talk on cloud security 101.
  • The session title was: AWS/GCPのセキュリティ、いつから・誰が・どう始める?
  • See this page for further information

2023

東洋大学情報連携学部 講義「ICT社会応用」

  • Gave a 30min presentation on early/seed startups.

【日経×Flatt Security×IssueHunt】プロダクトセキュリティの民主化と協調

  • Gave a short talk on how to build a strong culture on product security.

init.g workshop (by Google VRP)

  • Appeared in the panel discussion on security engineer careers.
  • See this post for feeling the vibe!

SRE NEXT 2023 (Sponsored Session)

  • Gave a short talk on the intersection of Site Reliability Engineering (SRE) and Security Engineering.
  • See this page for further information

”次世代のものづくり”を担う組織に寄り添い、サポートするセキュリティSaaS「Shisho Cloud」の開発秘話と私たちが目指すもの

  • Appeared on the interview-styled page.
  • Visit this page for further information.

セキュリティ SaaS を「プログラマブル」に再設計した話 ― Shisho Cloud の正式リリースによせて

  • Contributed an article to our tech blog.
  • Visit this page to read.

Security JAWS 30th

  • Gave a short talk on CSPM 101.
  • See this page for further information

Security Camp 2023

  • Served as a producer to design the whole class.
  • Gave a 2-hour training named "Webプロダクトセキュリティへのいざない" by myself as well.
  • See this page for further information

International Cybersecurity Challenge (ICC) 2023

Asian Cyber Security Challenge (ACSC) 2023

  • Won 18th in ACSC 2023, by which I was selected as finalists of ICC 2023.

Developer eXperience Day 2023

  • Gave a talk titled "開発者体験をむしろ向上させるセキュリティ施策のイロハ ― Policy as Code の理論と実践".
  • See this page for further information
  • The transcription is available here.

Rust Panel Discussion vol.1 #blastengine

  • Appeared at a panel discussion about software supply chain security.
  • See this page for further information

RubyKaigi 2023

  • Gave a talk titled "Eliminating ReDoS with Ruby 3.2".
  • See this page for further information

2022

Hardening Designers Conference 2022

  • Appeared at a panel discussion about software supply chain security.
  • See this page for further information

ハンズオンWebAssembly

  • Contributed a really small part of the translation project.
  • Check out this page to order the book!

Security Camp 2022

たのしくなるカンファレンス (株式会社LayerX主催)

  • Appeared at a panel discussion about next-generation security operations.
  • See this page for further information

Security Mini Camp in Osaka 2022 / セキュリティ・ミニキャンプ in 大阪 2022

  • Appeared at a panel discussion on career stratergy of security engineers.
  • See the event page for further information.

2021

Console Weekly #82

  • Talked about Shisho and what it was like becoming the CTO of a Japanese cyber security company.
  • Click here to read the interview!

NoMaps Conference 2021

  • Appeared at a Q&A session about developer experience.
  • See this page for further information

LOCAL Developer Day Online ’21 /Security

  • Gave a talk about developer-first security.
  • See this page for further information

Security Camp 2021

詳解セキュリティコンテスト

  • Contributed some parts to a book describing all about CTF written by some specialists.
  • Check out this Amazon page to order the book!

MITOU Target Program

SECCON Beginners CTF 2021

  • Organized some parts of the project.
  • Provided a Web challenge named osoba.

Web24 (Online)

  • Discussed the future of Web security with great security engineers.
  • See here to check the detail of the event!

Go Conference Tokyo 2021 Spring (Online)

Security Mini Camp in Osaka 2021 / セキュリティ・ミニキャンプ in 大阪 2021

  • Gave a short seminar on Web-related modern security aspects.
  • See the event page for further information.

漠然とした不安との素敵な付き合い方

  • Contributed an article explaining how to deal with anxiety about cyber security for NISC's website.
  • You can read the article from here (Wayback Machine).

#139​ 書籍「Webブラウザセキュリティ」と、2011年の釧路でつながったぼくらの縁

書籍「Webブラウザセキュリティ」発刊記念 著者&レビュアー対談

  • Appeared in an interview article in Japanese: 前編, 後編.

セキュアにGoを書くための「ガードレール」を置こう - 安全なGoプロダクト開発に向けた持続可能なアプローチ

Proxy-Wasm + Rust による Envoy の拡張 ―― 独自メトリクスの追加を例に

Webブラウザセキュリティ ― Webアプリケーションの安全性を支える仕組みを整理する

  • Published a book on security features of web browsers.
  • See this page for further information of this book.

2020

Security Camp 2020

  • Conducted a 4-hour training named "Web Security from the Macro Perspective: Understanding Modern Hacking Techniques with Web Infrastructure and Side-channels" (日: 「マクロな視点から捉える Web セキュリティ: Web インフラストラクチャを利用した攻撃とサイドチャネル攻撃の実践と評価」).
  • Reference: event page

CODE BLUE 2020

  • Appeared in a panel discussion named "Why organize a CTF -This is the way-" (日: 「我々はなぜCTFを運営するのか?」).
  • Reference: event page

SECCON Beginners Live

  • Gave a presentation about CTFs and how to learn security stuffs related to them.
  • Reference: event page

SECCON CTF 2020

Security Mini Camp in Yamanashi 2020 / セキュリティ・ミニキャンプ in 山梨 2020

  • Gave a presentation to introduce activities of Security Camp Committee.
  • Reference: event page

OWASP Kansai - 体系的に学ぶモダン Web セキュリティ @ 京都 (Learning Modern Web Security @ Kyoto)

  • Did a online & long-term course on Web security.
  • Reference: event page.

OWASP Night 2020/02 (by OWASP Japan)

  • Talked about issues related to ReDoS and show a new attack vector.
  • Reference: event page

SECCON Beginners CTF 2020

  • Organized the whole project.
  • Provided two challenges: unzip and somen.

2019

IPA Workshop - Learning Modern Web Security / IPA ワークショップ 体系的に学ぶモダン Web セキュリティ

  • Did an eight-hour workshop on web security in collaboration with Information-technology Promotion Agency.

CODE BLUE CTF 2019

  • Provided a challenge named "Snippet".

#websecjp: Learning Modern Web Security / #websecjp: 体系的に学ぶモダン Web セキュリティ

  • Did an eight-hour workshop on web security at National Institute of Information and Communications Technology (NICT) Innovation Center.
  • Reference: event page

Security Camp 2019

  • Conducted a 4-hour training named "体系的に学ぶモダン Web セキュリティ" (Learn Modern Web Security Systematically).
  • Reference: event page

JNSA e-zine ("BlackHat USA 2019 参加記")

  • Contributed an article to JNSA (Japan Network Security Association) e-zine.
  • Reference: article

Packet Hacking Village of DEFCON 2019

  • Participated as a volunteer staff.

Security Mini Camp in Yamanashi 2019 / セキュリティ・ミニキャンプ in 山梨 2019

  • Gave a presentation to introduce activities of Security Camp Committee.
  • Reference: event page

SECCON Beginners CTF 2019

  • Provided three challenges: Ramen, Secure Meyasubako, and Himitsu.

Shibuya.XSS techtalk #11

  • Gave a presentation on hot topics on XS-Leaks and advanced CSS Injection.
  • Reference: event page

TSG CTF 2019

  • Provided two challenges: RECON and BADNONCE.

2018

Security Mini Camp in Okayama 2018 / セキュリティ・ミニキャンプ in 岡山 2018

  • Conducted a 4-hour introduction-level class on Web security.
  • Reference: event page

第 14, 15, 19, 22 回 ゼロから始めるセキュリティ入門 勉強会

  • Gave a small presentations on hot topics on Web security at the time.
  • Reference: event page

第21 回 セキュリティさくら (Security Sakura, a Japanese seminar on security)

  • Talked on the complexity of Web and its security from the viewpoint of attackers.
  • Reference: event page

SECCON Beginners CTF 2017

  • Provided three challenges: Gimme your comment, SECCON Goods, Gimme your comment Revenge.

2013

OSC Hokkaido 2013 #osc13do

  • Gave a small presentation.
  • Reference: event page