Currently developing runtime security detection and enforcment platform for containers at StackRox in Mountain View, CA.
In my thesis work, I developed a client behavior verification technique using symbolic execution. I built a novel server-side system that verifies whether messages from a client could have been generated by a sanctioned software version, without any knowledge of client-side inputs. The technique works by finding a client execution path that "explains" a given message trace. By utilizing execution history to guide our search, I also built a system that is more efficient. And to support verification of cryptographic clients such as OpenSSL, I modified the KLEE symbolic execution engine to support parallel execution.