Koh You Liang

Application/Game Security Engineer

You Liang hails from Singapore. He has earned his Environment and Information Studies degree from Keio University under the tutelage of Jun Murai in Takeda lab. Before joining his current company, he worked for LINE as a full time Security Engineer, and led a team of engineers as a Team Lead at a startup. While his work focuses on vulnerability assessment, mostly pentesting and security hardening, his non-work interests range widely, everything from world travel, to competitive gaming, to extreme sports.

Location
Setagaya-ku, Tokyo, Japan
Email
LinkedIn
kohyouliang

Experience

present

Senior Associate at PwC Japan

The PwC Japan Group is the collective name for the member firms of the PwC global network and their affiliates in Japan.

Highlights

  • Application/Mobile/API Pentesting and Vulnerability Assessments for clients
  • Red Team

present

Security Researcher at Synack Red Team

The Synack Red Team is a private freelance security research team that provides web application, mobile application, and host infrastructure penetration testing engagements.

Highlights

  • Web Application and Host Infrastructure Pentesting

Security Team Lead at 3-shake Inc.

3-shake provides real-time big data processing and ad-tech platform services, armed with infrastructure layer technology.

Highlights

  • Application/Network/Infrastructure Pentesting and Vulnerability Assessments for clients
  • Mobile Vulnerability Scanner Development
  • Training engineers on security practices and skillsets

Application/Game Security Engineer at LINE Corporation

Line Corporation (stylized as LINE Corporation) is a Tokyo-based subsidiary of the South Korean internet search engine company Naver Corporation.

Highlights

  • Internal security pentesting and risk assessments, doing both Blackbox and Whitebox testing
  • Developed CI tool for automatic scanning of binaries on build
  • Bug bounty report reviewing, PR recruitment support
  • Reverse engineering of third-party cheat tools to prevent cheats and ban players

Volunteer

Student Leader at AcademyCamp

I volunteered as a student leader during the 3 days 2 nights Fukushima camp for middle and high school students. I met student leaders of various countries, who also wholeheartedly aspire to serve society. We learned a lot from guiding and exchanging our experiences with both the Japanese and Vietnamese students despite the generation gap and language barriers.

Highlights

    International Volunteer at Ashinaga

    I was an international student volunteer at the Tsudoi program, which lasted 2 weeks. I shared with them my experiences with different countries and my life experiences.

    Highlights

      Education

      present

      Master in Media and Governance from Keio University with GPA of 3.6

      Courses

      • Cyber Informatics
      • Cybersecurity Law
      • Scanner Testing False Positive Rate Correlation to Vulnerability Type

      Bachelor in Information Technology from Keio University with GPA of 3.4

      Courses

      • Cyber Security
      • Economics

      Awards

      3rd at Cyber SEA Games 2021 from SEA Games

      Representing Singapore in the Cyber Southeast Asian Games

      Arena International Master from Fédération Internationale des Échecs

      International Master issued by FIDE Arena. Certificate

      73rd at HTB Business CTF 2021 from Hack The Box

      As captain of the PwC CTF Team. Certificate

      21st at Hack-A-Sat 2 Qualifiers from US Air Force and Department of Defense

      As part of Tea MSG

      35th at FAUST CTF 2021 from FAU Erlangen-Nürnberg

      As part of CTF.SG in our first Attack-Defense CTF.

      36th at DEF CON CTF Qualifier 2021 from Order of the Overflow

      As part of Tea MSG

      5th at STACK the Flags from GovTech Singapore

      As part of the 4-man team IPhone XS. Certificate

      18th at Hack-A-Sat Qualifiers from US Department of Defense

      As part of CTF.SG.

      Finalist at ISITDTU CTF from Duy Tân University

      As part of a 4-man team in OpenToAll.

      Winner at Red Alert ICS CTF from NSHC and PwC Japan

      As part of CTF.SG.

      2nd at OpenCTF from Neg9

      As part of OpenToAll.

      Finalist at BCTF from DEFCON China

      As part of OpenBlue (OpenToAll + PerfectBlue).

      Writeups

      CVE-2021-4144 by Me

      TP-Link TL-WR802N Command Injection Exploit

      CVE-2021-4144 by Me

      TP-Link TL-WR841N Command Injection Exploit

      Bachelor Thesis by Research Gate

      Analysis of Potentially Harmful Apps displaying Malware-like behavior on Android.

      References

      Koh-san is a skilled security engineer who is open and easy to talk to. I have worked with him for a long time, both when we both were students, as members on the same team and as his team leader. He has exceptional problem solving skills, is easy to ask for help, and learns quickly. His ability to think outside the box and offer new insights are extremely valuable. He is an exceptional engineer and it has always been a pleasure working with him. I would highly recommend it!

      Robin Lunde

      Languages

      English
      Fluency: Native speaker
      Japanese
      Fluency: Native speaker
      Mandarin Chinese
      Fluency: Business level

      Skills

      Web Application Security (OSWE)
      Level: Master
      Keywords:
      • Risk Assessment
      • Pentesting
      • Bug Bounty
      Game Security
      Level: Intermediate
      Keywords:
      • ML Analysis on Cheat Detection
      • Anti-cheat Obfuscation
      Automation
      Level: Intermediate
      Keywords:
      • Mobile Vulnerability Scanner
      • CI/CD Integrations
      • Fuzzers

      Interests

      World Travel
      Keywords:
      • Airplanes
      • Photography
      Extreme Sports
      Keywords:
      • Boundering
      • Skydiving
      • Snowboarding

      © 2020. All rights reserved.