Rory McNamara

Rory McNamara

Staff Security Researcher, Snyk

Long-time bug bounty hunter, ex-pentester, and AppSec engineer. Rory is passionate about race conditions and Linux exploitation.

Showing 1 - 7 of 7 records

wordpress-sync/blog-feature-toolkit
Blog

Breaking caches and bypassing Istio RBAC with HTTP response header injection

June 20, 2024

feature-getting-snyk-setup
Blog

Call for action: Exploring vulnerabilities in Github Actions

June 6, 2024

feature-leaky-vessels-deep-dive
Blog

Leaky Vessels deep dive: Escaping from Docker one syscall at a time

February 6, 2024

feature-leaky-vessels-2024-21626
Blog

Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)

January 31, 2024

feature-leaky-vessels-2024-23651
Blog

Buildkit mount cache race: Build-time race condition container breakout (CVE-2024-23651)

January 31, 2024

feature-leaky-vessels-2024-23652
Blog

Buildkit build-time container teardown arbitrary delete (CVE-2024-23652)

January 31, 2024

feature-leaky-vessels-2024-23653
Blog

Buildkit GRPC SecurityMode privilege check: Build-time container breakout (CVE-2024-23653)

January 31, 2024

1

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start freeBook a live demo

Product

What is Snyk?Snyk Code (SAST)Snyk Open Source (SCA)Snyk ContainerSnyk Infrastructure as CodeSnyk AppRisk (ASPM)Developer Security PlatformApplication securitySoftware supply chain securitySecure AI-generated code DeepCode AIPricingDeployment optionsIntegrationsIDE pluginsGit SecurityCI/CD pipelines securitySnyk CLISnyk LearnSnyk for JavaScript

Resources

DocumentationSnyk API DocsAPI statusDisclosed vulnerabilitiesSupport portal & FAQ’sBlogSecurity fundamentalsResources for security leadersResources for ethical hackersVulnerability DatabaseSnyk OSS AdvisorSnyk Top 10VideosCustomer resourcesSecurity LabsThe Secure Developer Podcast

Company

AboutCustomersCareersEventsSnyk for governmentSecurity & trustLegal termsPrivacyFor California residents: Do not sell my personal informationWebsite Terms of UseProcurement

Connect

Book a live demoContact usSupportReport a new vuln

Security

Application SecurityContainer SecuritySupply Chain SecurityJavaScript SecurityOpen Source SecurityAWS SecuritySecure SDLCSecurity postureSecure codingEthical HackingAI in cybersecurityCode CheckerPythonEnterprise CybersecurityJavaScriptSnyk With GitHubSnyk vs VeracodeSnyk vs CheckmarxSnyk vs Synopsys

© 2024 Snyk Limited
Registered in England and Wales

logo-devseccon