[1] Prior to his current employment, he worked for IOActive, Coverity, Accuvant, and IBM.
Valasek has publicly demonstrated many security vulnerabilities, with particular focus on Microsoft Windows heap exploitation.
Later research, such as his 2010 paper "Understanding the Low Fragmentation Heap: From Allocation to Exploitation"[3] demonstrated ways to circumvent vendor mitigations to the approaches outlined in his prior work.
In 2013, he and Charlie Miller demonstrating a number of attack vectors against ECUs in automotive control networks.
[4] Together with Miller, they have produced a survey of remote attack surfaces in then-current model year automobiles, an important first step in establishing the state of the art of automotive security and safety research.