Determine security ramifications to protect personal data and information
111 Discussions

Chips & Salsa Episode 14: Intel STORM Team: SPEAR

0 0 3,330

Hello again!

In this episode of Chips & Salsa, we continue our series on the STrategic Offensive Research and Mitigations (STORM) team. In episode 13, we spoke to Henrique Kawakami who gave us an overview of the work his team does.

Today, we talk to Joao Moreira about SPEAR, or Security Principled Engineering And Research. SPEAR builds tools and solutions to assist STORM researchers and works to bridge the gap between offensive security research and systems engineering.

About our guest:

Joao is an Offensive Security Researcher at Intel. His research interests are mostly focused on compiler-enabled features and analyses, but he will normally be down to chat about anything that involves binaries. Joao holds a PhD from the University of Campinas, where he worked on kCFI, a Control-Flow Integrity implementation for the Linux kernel (featured at Black Hat Asia 2017) and he also spent some time working for SUSE, where he bootstrapped the development of libpulp, an user-space live patching framework (featured at Linux Developers Conference Brazil 2019 and SUSE Labs Conference 2018). Joao also spoke at the at the Linux Security Summit 2021 about his work FineIBT, a compiler optimization that extends the security guarantees of Intel’s CET/IBT.  

About the Chips & Salsa video series:

Chips and Salsa is a regular video series with hosts Jerry Bryant and Christopher “CRob” Robinson.  The videos cover such topics as vulnerability disclosures, security incident response, security assurance practices, security technologies with thought-provoking interviews with subject matter experts from Intel and across the security technology spectrum.

As always, thanks for watching!

Jerry Bryant
Sr. Director of Security Communications and Incident Response
Intel Product Assurance and Security

About the Author
Intel Product Assurance and Security (IPAS) is designed to serve as a security center of excellence – a sort of mission control – that looks across all of Intel. Beyond addressing the security issues of today, we are looking longer-term at the evolving threat landscape and continuously improving product security in the years ahead.