Tao Yan (@Ga1ois) is a distinguished researcher at Palo Alto Networks. He focuses on new attack surface discovery, new research method exploration (including but not limited to vulnerability discovery and exploitation methods) and system internals research from both offensive and defensive perspectives. His interests include bug findings with fuzzing and static code review, exploits, mitigations bypass, sandbox escape and privilege escalation on various applications and modules including browsers, Flash, RDP, COM/RPC, etc.
In the meantime, he has also been involved with exploits, APTs, malware detection and defense. He has been listed as #7 researcher in 2016 and #4 researcher in 2017 for MSRC Top 100 Researchers. He is also the winner of the local escalation of privilege category in Pwn2own 2021. In addition, he is a regular security patent inventor and security conference speaker including CanSecWest, POC, HITCON, Recon, BlueHat and Black Hat.