ソフトウェア・プロダクトの開発組織とそこで働くエンジニアにとって最適な
セキュリティサービスを提供し、「背中を預けられる」存在になることがGMO Flatt Securityの使命です。
Meet the Experts
RyotaK
Security Researcher
RyotaK is a security researcher known for various groundbreaking cybersecurity research. His series of work has revealed critical vulnerabilities of cloud service providers including GitHub and Cloudflare and of essential platforms for engineers like Homebrew and PyPI. He’s also known for participating in various live hacking events, winning multiple awards, and reporting vulnerabilities to many leading companies such as Google, Cloudflare, GitHub, Salesforce, and Microsoft.
Ryota Shiga
Operating Officer / Professional Service Div. CTO
Ryota Shiga is a well-versed security expert. He has revealed 15 critical vulnerabilities for Linux kernels and VMM (KVM/VirtualBox) during the 18 months of his research in GMO Flatt Security, all while directing over 100 web penetration testing projects, proving not only his extensive security knowledge but his leadership skills as well. He has also won a prize in Pwn2Own 2021 for reporting a privilege escalation in Ubuntu.
Takashi Yoneuchi
Director / CTO
Takashi Yoneuchi is one of the leaders of the cloud and application security industry in Japan with over 7 years of experience educating and motivating people on this topic. He is the author of Web Browser Security and more, with thousands of Japanese readers. He led Team Asia at the International Cybersecurity Challenge 2023 as Head Captain. He is also a member of the review board for CODE BLUE, the largest cybersecurity conference in Japan.
Sen Ueno
Director
Sen Ueno, the CEO of Tricorder Co. Ltd, is a penetration tester and a cybersecurity educator. He has contributed to the security industry for more than a quarter of a century and is the author of numerous books. In addition, he is one of the leaders of OWASP Japan Chapter. He has also been awarded ISC2 Asia-Pacific Information Security Leadership Achievements (ISLA).
Featured Projects
Conference
BSides Las Vages 2024: Are you content with our current attacks on Content-Type?
Blog
Expanding single-packet race condition with a first sequence sync for breaking the 65,535 byte limit
Blog
BatBadBut: You can't securely execute commands on Windows
Blog
Bypassing DOMPurify with good old XML
Report
Pwn2Own 2021 Report: Ubuntu Desktop Exploit
Blog
Finding an unseen SQL Injection by bypassing escape functions in mysqljs/mysql
