Friday Hacks #187, Jan 31: Analytics in the Real World & Server-Side Request Forgery
Posted on by Chaitanya Baranwal
Date/Time: Friday, Jan 31 at 6:30pm
Venue: Cerebro, COM1, School of Computing, NUS
Free pizza is served before the talks.
<strong> <a href="https://www.facebook.com/events/648410909234204/" target="_blank" rel="noopener noreferrer">RSVP on our Facebook event</a> </strong> <br />
Analytics in the Real World: Using GANs to colourise black & white photos, and using machine learning to optimise an oil field
This talk would cover two cases of machine learning applications in the real world – the first would be on using GANs to colourise black & white photos, building a tool that is available online. It will cover the productionising and architecture to make the tool run live. The second would be on how a prescriptive machine learning model to optimise the flow of oil over a search space around (100^150)*(2^150) was built.
Paul is a data scientist at QuantumBlack, a data science consultancy. He works on applying data science to real world business problems, and works with some of the largest corporations in the world, across a variety of industries. Prior to joining QuantumBlack, he studied mathematics before completing a PhD in computer science.
Andrew is a data scientist at QuantumBlack, a data science consultancy. His work involves building predictive models to help clients achieve measurable improvements. Before QuantumBlack, he worked at GovTech Singapore as a data scientist, where he worked extensively with various agencies to apply data science to policy making.
Server-Side Request Forgery: From HTTP to Localhost
Server Side Request Forgery (SSRF) is a class of web vulnerability that has proliferated greatly in an era of interconnected microservices and cloud infrastructure. By leveraging a seemingly-benign attack vector, hackers can often escalate SSRF to achieve system data exfiltration and remote code execution. Building on the DEFCON 2019 talk “Owning the clout through SSRF and PDF generators” by Ben Sadeghipour and Cody Brocious, Eugene will demonstrate practical means of discovering and exploiting SSRF in various contexts.
Eugene Lim is a security researcher and white hat hacker. He has worked on several bug bounty programs, including Starbucks, Grab, and GovTech, and was ranked #3 globally among all hackers on the Hackerone leaderboard. Recently, he participated in and was awarded the Most Valuable Hacker award at the h1-213 live hacking event with Hackerone, US Air Force, UK Ministry of Defense, and Verizon Media. He is interested in application security and securing user data through sustainable DevSecOps practices.
Please RSVP at our Facebook event here if you are coming so we know how many people to cater for.
See you there!
The HANGAR by NUS Enterprise — the campus hub for entrepreneurs.