Events Hub



on demand talks

Watch our on demand talks, and view the corresponding slide decks.


Clean Code is the Base for a Well-functioning Dev Team

In this presentation at QCon London 2024, Olivier Gaudin, Founder and co-CEO of Sonar, explains how poor code can negatively impact team performance and software quality.


Explore Other Talks

Talk | WeAreDevelopers

The Clean as You Code Imperative, by Sonar CEO Olivier Gaudin

In this talk given during We Are Developers, Olivier Gaudin talks about how Clean Code empowers developers and enables organizations to consistently deliver high-quality, secure code. He explains why the Clean As You Code methodology has to become an organizational imperative for a sustainable edge in the marketplace.

Topics: Clean As You Code, DevOps

Watch Now
Talk | Hexacon

You've Got Mail! And I'm Root on Your Zimbra Server

Zimbra, an enterprise-level email solution, has recently been the target of a 0-day campaign likely conducted by a state actor. As demonstrated by the Microsoft Exchange vulnerabilities, enterprise mail servers are a gold mine for attackers. In this talk we break down how we approached a complex enterprise web target from the viewpoint of a sophisticated attacker.

Topics: Code Security, Enterprise

Download Presentation
Talk | Insomni’hack

A Common Bypass Pattern to Exploit Modern Web Apps

During our vulnerability research, we broke the defenses of some of the most popular open-source web applications. We realized that many code vulnerabilities we discovered share a common theme. In this talk, we express this common denominator as a simple, abstract methodology that seems to have gone unnoticed in the industry. To turn our theoretical pattern into an entertaining presentation, we explain and demo related vulnerabilities that we discovered in applications such as Magento2, WordPress, and Zimbra.

Topic: Code Security

Download Presentation
Talk | Insomni’hack

Two Bugs to Rule Them All: Taking Over the PHP Supply Chain

This talk presents the technical details of the vulnerabilities that allowed us to compromise the infrastructure behind the two PHP package managers, Composer (twice!) and PEAR. Together, they serve more than a billion monthly package downloads. We also present how we could reduce the impact of such an attack and the actions package managers could take to protect themselves.

Topics: Code Security, Supply Chain, Developer Tools

Download Presentation