Security Code Audit of Mullvad VPN

​Join us for a presentation and meetup with Markus Vervier and Eric Sesterhenn of X41 D-Sec GmbH around their company's audit of Mullvad VPN.

​Markus Vervier is Head of Research and Managing Director at X41 D-Sec GmbH. Software security is his main focus of work. During the last 15 years of professional experience in offensive IT security he worked as a penetration tester and security consultant and was doing active security research. He has Extensive experience in the field of code-review, reverse engineering, and vulnerability analysis of applications on various platforms and architectures;- reverse engineering and security analysis of embedded firmware for mobile devices (Android device baseband firmware); discovery of the first vulnerabilities in the Signal Private Messenger: https://pwnaccelerator.github.io/2016/signal-part1.html . He worked as a speaker at OffensiveCon 2023, BruCon 2023, hack.lu 2023, Infiltrate, HITBSECCONF, and Troopers security conferences about offensive security topics such as baseband reverse engineering and application security; memory corruption vulnerability in libOTR: https://x41-dsec.de/lab/advisories/x41-2016-001-libotr/.

​Eric Sesterhenn is working as an IT Security consultant for more than 15 years, working mostly in the areas of penetration testing and source code auditing. He has identified vulnerabilities in various software projects including the Linux kernel, BIND9 and X.org and analysis of complex software applications and infrastructures and extensive experience in code reviewing, penetration testing, and vulnerability analysis;- speaker at DEF CON, beVX 2018 and 35c3 about smartcard driver security: https://www.x41-dsec.de/lab/blog/smartcards . He worked as a speaker at Nullcon 2018 about security issues in IoT OS: https://archive.nullcon.net/website/goa-2018/speakers/eric-sesterhenn.php