speaker

Bas Van Schaik

Github

Bas van Schaik is responsible for GitHub's CodeQL security analysis technology. Through his work on CodeQL, he has been involved in the discovery and disclosure of a large number of vulnerabilities in a wide variety of open source projects (including memory corruption in the XNU kernel, and RCEs in Struts and Spring). The CodeQL technology was developed at Semmle, where he was the product lead prior to the acquisition by GitHub in 2019. In a previous life, he completed a PhD at the University of Oxford.