Summary
Tariq Houis is an application security researcher based in Montreal with a decade of hands-on experience uncovering and remediating software vulnerabilities across academic, enterprise, and open-source ecosystems. His recent NDSS '26 paper introduced a dynamic, high-speed analysis method for Node.js packages that yielded hundreds of real-world findings and helped secure 70 CVEs at high and critical severity. Prior to his current research role at Concordia University he led security operations and built a SOC for Majmaah University, blending incident response, governance, and secure development practices. A former freelance penetration tester and tool author, Tariq bridges offensive techniques with responsible disclosure and mentorship, and publishes tools and write-ups on GitHub and his blog to help practitioners operationalize research.
10 years of coding experience
10 years of employment as a software developer
Bachelor of Engineering - BE Information Technology, Bachelor of Engineering - BE Information Technology at University of Kalamoon
Master's degree Computer and Information Systems Security/Information Assurance, Master's degree Computer and Information Systems Security/Information Assurance at Concordia University
Diploma Collage Computer Engineering Technology/Technician, Diploma Collage Computer Engineering Technology/Technician at Homs University
Arabic, English, French