Security BSides Las Vegas 2025

Mackenzie Jackson

Mackenzie is a security researcher and advocate with a passion for code security. He is the former CTO and founder of Conpago, where he learned firsthand the importance of building secure applications. Today, Mackenzie works for Aikido Security to help developers and DevOps engineers build secure systems. He also shares his knowledge as a contributor to many technology publications, such as Dark Reading, Financial Times, and Security Boulevard, and was featured as an expert in the documentary “Logins aus dem Darknet” (EN: Logins from the Darknet).


Sessions

08-04
15:00
240min
From Code to Cloud: Securing Your Stack with Open-Source Tools
Mackenzie Jackson

In a world where every Formula 1 team is sponsored by a security vendor… can open-source still hold pole position?

While big vendors chase attention with AI-fueled promises and enterprise price tags, most teams just need tools that work—and won’t wreck the budget. This workshop shows you how to build a practical, full-spectrum security stack using battle-tested open-source tools.

You’ll see live demos of tools like Trivy, GitLeaks, Checkov, ZAP, and OpenGrep, securing every layer from code to cloud. We’ll unpack real attack paths—like Log4Shell, dependency poisoning, and leaked secrets—and show how to detect and stop them early.

You’ll leave with a blueprint for integrating OSS tools into your workflow via CI/CD, IDEs, and pre-commit hooks, plus guidance on when free tools are enough—and when to go commercial.

If you’ve ever asked, “Do I really need to spend six figures to be secure?”—this is your answer.

Training Ground
Diamond
08-05
17:00
45min
Inside the Open-Source Kill Chain: How LLMs Helped Catch Lazarus and Stop a Crypto Backdoor
Mackenzie Jackson

This talk presents findings from a multi-year research project exploring how LLMs can be used in real-world threat detection across the open-source software supply chain. By applying LLMs to analyze large public datasets like changelogs, package metadata, and behavioral signals, we uncovered over 900 undisclosed vulnerabilities, including high-severity issues from popular packages like Axios, and thousands of malicious packages published to public registries. This includes intercepting a live operation by North Korea’s Lazarus Group and preventing a backdoor from being shipped in the official Ripple (XRP) cryptocurrency SDK.

The talk also introduces the concept of the open-source kill chain, mapping how attackers abuse trust in public ecosystems to gain access, deliver payloads, and persist undetected.

Attendees will learn how out-of-the-box frontier LLMs like GPT-4 can be used today to augment traditional vulnerability discovery, identify patterns in attacker behavior, and assist in threat triage at scale. The talk is grounded in operational examples, focused on reproducible techniques, and offers a current view into how APTs and malware authors are actively exploiting the open-source ecosystem.

Breaking Ground
Florentine A