About Brad Larsen

Software toolsmith — application security, automated bug finding, secrets detection

I did binary static analysis for a few years, the spent a couple years *using* static analysis tools in anger to find security issues in C++ code. I did a couple years of client-facing appsec engagements. I've written lots of fuzzers and read a lot of code.

The past 4 years I've worked on secrets detection. I authored and maintained Nosey Parker, the fastest regex-based secrets detector out there, frequently used during offensive security engagements.

Currently a Principal Security Researcher at Truffle Security, working on all things secrets-related.

Formerly at Praetorian / Trail of Bits / Ab Initio Software / Veracode.

Lists

Timeline

bradlarsen has no activity yet