Jesse Schwartzentruber is a Staff Security Engineer in Waterloo with 12 years of experience building fuzzing platforms, automating CI/CD, and hardening large codebases. At Mozilla he has advanced Firefox’s fuzzing and build infrastructure—integrating AFL++ and improving coverage tooling—while also contributing to Taskcluster to make containerized CI more capable for security tooling like rr. His background in C, assembly, Python and Linux stems from a decade of embedded and firmware work at BlackBerry, giving him unusual low-level insight into exploit surface and power/ASIC constraints. Comfortable operating across build systems, distributed workers, and performance tuning, he blends pragmatic DevOps with deep vulnerability research to find and fix class bugs before they reach users.
12 years of coding experience
7 years of employment as a software developer
Physics and Computing, Physics and Computing at Wilfrid Laurier University
B. Tech, Integrated Telecommunication and Computer Technologies, B. Tech, Integrated Telecommunication and Computer Technologies at Conestoga College
A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.
Role in this project:
Automation Engineer / Build & Release Engineer
Contributions:2 reviews, 21 commits, 14 PRs in 6 years 6 months
Contributions summary:Jesse's contributions primarily focused on automating the build and coverage collection processes for the JavaScript engine fuzzing project. They made significant changes to `downloadBuild.py`, including the use of argparse, improved URL handling, and support for ASan builds, thereby enhancing the build process. The user also modified scripts related to coverage gathering, integrating with Taskcluster and making adjustments for correct path prefixes when running coverage collection. Additionally, they addressed issues with fuzzfetch usage.
Contributions:3 reviews, 10 commits, 6 PRs in 2 years 8 months
Contributions summary:Jesse primarily contributed to the configuration and enhancement of the Taskcluster Docker worker. They added features such as shared memory device mounting and bind mounts to improve container functionality. They also addressed bug fixes related to device handling and improved build processes by updating dependencies. Furthermore, they enabled the ability to disable seccomp syscall filtering in containers for tasks requiring it, like `rr`.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Jesse Schwartzentruber - Staff Security Engineer at Mozilla