Oliver Kunz is a security-focused engineer based in Zurich with over five years of experience driving sandboxing, ML infrastructure security, and regulatory assessment at Google. He leads technical efforts to harden AI systems, own EU AI Act assessments for ML infrastructure, and has a track record of reducing technical debt in sandboxing projects like Sandboxed-API and Sandbox2—contributing upstream code and tests to a well-known Google open-source sandboxing repo. Prior roles include hands-on consulting, penetration testing, and forensic work, and he has taught Information Security to distance MSc students at Royal Holloway. Active in the security community, he’s served on the BSidesLisbon CFP review board since 2022 and has supported the conference since 2016. Known for bridging deep engineering with policy and program ownership, he combines practical tooling refactors (LLVM/libclang, proto migrations) with governance and vendor security expertise.
5 years of coding experience
5 years of employment as a software developer
Master of Science (MS) Information Security, Master of Science (MS) Information Security at Royal Holloway, University of London
Vocational Baccalaureate, Vocational Baccalaureate at BMZ Berufsmaturitätsschule Zürich
Telematiker Computer Systems Networking and Telecommunications, Telematiker Computer Systems Networking and Telecommunications at TBZ Technische Berufsschule Zürich
Bachelor's degree Enterprise Computing, Bachelor's degree Enterprise Computing at University of Applied Science Zurich
Apprenticeship Telecommunications Technology/Technician, Apprenticeship Telecommunications Technology/Technician at Kellenberger + Huber AG
Generate sandboxes for C/C++ libraries automatically
Role in this project:
Back-end Developer
Contributions:30 reviews, 20 commits, 2 PRs in 3 months
Contributions summary:Oliver primarily focused on modifying and maintaining the `sandboxed-api` library, particularly concerning protobuf serialization, deserialization, and integration with the sandbox2 framework. Their contributions involved refactoring code to utilize `proto2::MessageLite` and migrating the project to proto3. They also implemented unit tests for verifying node equivalence within the mount tree structure, and they added a convenience function to allow setting the name of a thread or process. Furthermore, the user made changes for the Android build environment.
A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)
Contributions:1 push in 1 day
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Oliver Kunz - Member Of The CFP Review Board at Google