Tamas Lengyel is a Senior Principal Security Engineer with 13 years of deep experience in firmware, kernel and hypervisor security, now focused on Oracle Cloud firmware security after a multi-year tenure at Intel researching cloud-scale fuzzing and threat discovery. He combines hands-on low-level engineering—contributions to projects like DRAKVUF and LibVMI show expertise in VM introspection, file extraction and Xen event handling—with practical offensive research and threat modeling as a long-standing SAFE review board member. Tamas has spoken at DEF CON and other security conferences, blending academic rigor (PhD-level training at UConn and TUM) with pragmatic exploit discovery and mitigation work. Notably, his open-source fixes to C-level file/object handling and altp2m support reflect an ability to improve both tooling and hypervisor internals that are rarely covered in typical security roles.
13 years of coding experience
12 years of employment as a software developer
Doctor of Philosophy (PhD) Computer Science, Doctor of Philosophy (PhD) Computer Science at Technical University of Munich
Doctor of Philosophy (PhD) Computer science, Doctor of Philosophy (PhD) Computer science at University of Connecticut
The official home of the LibVMI project is at https://github.com/libvmi/libvmi.
Role in this project:
Back-end Developer
Contributions:2 releases, 85 reviews, 298 commits in 8 years 7 months
Contributions summary:Tamas primarily focused on enhancing the LibVMI project by addressing low-level system interaction. The contributions involved improving the Xen events driver, including features such as support for Xen's altp2m and VM exits, and improving memory access handling. They also worked on architecture-specific code optimizations and addressing a range of bug fixes across the codebase, illustrating a deep understanding of the system.
Contributions:10 releases, 247 reviews, 643 commits in 8 years 5 months
Contributions summary:Tamas primarily focused on improving the `drakvuf` project's file extraction capabilities, fixing bugs in the file extractor, and updating the injector. The contributions involved modifying C code, specifically in relation to file object handling and the implementation of the trap frame approach on x86. The user also made changes to the clone script, demonstrating a familiarity with the tool's scripting environment.
binary-analysisboxanalysissandboxvirtualization
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Tamas Lengyel - Senior Principal Security Engineer at Oracle