Eric Bickle is a Senior Principal Application Security Engineer based in Langley, BC, with 11 years of professional experience blending software architecture, secure coding, and large-scale system design. At Asurion he has driven architecture decisions and led development of enterprise platforms for mobile warranty and service, while now focusing on application security at a principal level. He contributes to high-impact open source security tooling—enhancing CodeQL’s Java taint analysis to detect thread resource abuse—linking hands-on code changes to real-world security scanning. His background spans high-availability ecommerce systems, AI-driven product classification, and public-health data platforms, giving him a rare mix of security rigor and pragmatic system engineering. Colleagues rely on him for scalable, auditable solutions that bridge architecture, developer workflows, and security testing.
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Role in this project:
Back-end Developer & Security Engineer
Contributions:2 reviews, 2 PRs, 21 comments in 1 year 11 months
Contributions summary:Eric primarily focused on enhancing CodeQL's Java analysis capabilities, specifically improving taint analysis to detect thread resource abuse vulnerabilities. They modified the CodeQL query library to correctly propagate taint through arithmetic expressions. Furthermore, the user updated test cases in Java to demonstrate the vulnerability and the effectiveness of the new taint analysis rules. These changes directly contribute to the security analysis features of the CodeQL tool.
Contributions:2 pushes, 2 branches in 6 years 8 months
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Eric Bickle - Senior Principal Application Security Engineer