Description
Blockchain Security Series 13 - Pashov (Founder @ Pashov Audit Group)
Hosted by Pablo Sabbatella - pablito.eth (Blockchain Security Researcher, SEAL member)
“There are a lot of hidden gem auditors in the space really. And this is my mission to find them and to work with them”
Topics discussed:
- 00:00 - Introduction
- 01:06 - How did you get started into computers and programming?
- 05:22 - Mastering Ethereum, Andreas Antonopoulos
- 07:05 - When and why did you decide to switch from developing to security research?
- 11:02 - Do you need to know how to code to be a smart contract auditor?
- 13:07 - What is your advice for someone that is just getting interested in cybersecurity?
- 15:10 - How important do you think it is to be a self-taught person in this industry?
- 16:15 - Reviewing new code step by step. You first understand what the protocol does on a high level or you just jump into de code?
- 19:17 - Income for a security researcher
- 24:12 - What things have changed in the security space in the last years and what things still remain the same?
- 26:42 - What does the ecosystem need in terms of security? More people, better tooling?
- 27:52 - On chain vs off chain audits. How have the incentives mechanisms been evolving and which one is in your opinion the system that works better for auditors? Code Arena, Hats Finance, Cantina, Sherlock, etc.
- 29:37 - How to choose the right audit contest? What strategy should one adopt (focusing only on DeFi protocols, bridges, etc)?
- 32:14 - Recommendations for developers and companies regarding secure software development? In what part of the development cycle should an auditor be involved?
- 35:49 - What can you share with us about your latest audits from some major protocols like Ethena, 1Inch or Layerzero?
- 37:42 - When, why and how did you decide to found a security company?
- 41:03 - Web2 security researcher vs Web3 developers
- 42:51 - Which would you say are the most important skills having worked with teams but also starting your own company?
- 44:03 - Would it have been possible to launch your company without being known in the industry already?
- 46:20 - Did you find it difficult to switch from an independent auditor to run a security auditing company?
- 47:34 - What is the hardest part about launching a boutique web3 security company?
- 48:49 - What are mistakes that should be avoided when building a brand?
- 50:18 - Angel investing. What excites you the most about investing in new companies? Are you planning to focus on other security companies, web3 protocols?- 53:41 - Do you invest in companies after having audited them?
- 53:30 - How do you get involved with companies you invest into?
- 56:56 - Accepting tokens as payment
- 59:04 - How do you keep updated in web3 cybersecurity? Newsletters, conferences and events
- 01:01:58 - Final thoughts
Summary:
In this episode, Pablo Sabbatella sits down with Pashov, the top tier smart contracts auditor and founder of Pashov Audit Group. They will explore Pashov's journey from being a developer to becoming a well known web3 security researcher, and sharing insights into his meticulous code auditing process and offering valuable advice for aspiring blockchain security professionals. Later in this talk they will also cover the evolving landscape of security, the financial realities for researchers, and the strategic decisions behind audit specialization.
Pashov also opens up about the challenges of launching a security firm, the rewards of investing in the crypto space, and the reason has led him to become an angel investor in several firms.
Takeaways:
- The income for security researchers can vary depending on factors like the type of work (contests, audits), skill level, and market conditions. Working harder during bull markets and focusing on stacking cash can be a good strategy.
- Having a long-term security partner is beneficial for companies, as it provides ongoing s
Blockchain Security Series 14 - Frederik Svantes (Security research lead @ Ethereum Foundation)
Hosted by Pablo Sabbatella - pablito.eth (Blockchain Security Researcher, SEAL member)
Topics discussed:
- 00:00 - Intro
- 01:13 - How you started with computers and programming
- 02:41 -...
Published 10/02/24
Blockchain Security Series 12 - Stephen Tong (Co-Founder & CEO @ Zellic)
Hosted by Pablo Sabbatella - pablito.eth (Blockchain Security Researcher, SEAL member)
Topics discussed:
- 00:56 - Your story: How did you start getting interested in security?
- 04:01 - Perfect blue: A weeb team with...
Published 08/23/24