|
About the AuthorsJohn is currently the principal investigator on a DARPA-funded effort to build practical analysis technologies for assessing the security of real programs. John is a co-author of Network Security and Cryptography using OpenSSL (O'Reilly, 2002), and is also working on two other books, including Java Enterprise Architecutre (O'Reilly, 2002). John is also an adjunct professor of Computer Science at Virginia Tech. He received a BA and an MS in Computer Science from the University of Virginia. Gary McGraw, Chief Technology Officer at Cigital researches software security and sets technical vision in the area of Software Risk Management. A noted authority on mobile code security, Gary chairs the National Infosec Research Council's Malicious Code Infosec Science and Technology Study Group. In addition to consulting with major e-commerce vendors, including VISA International, he has written more than 60 peer-reviewed technical publications. Gary also functioned as principal investigator on grants from the U.S. Air Force Research Labs, DARPA, the National Science Foundation and NIST's Advanced Technology Program. He serves on the corporate boards of Counterpane, Finjan, NetCertainty and Tovaris, as well as advising the CS Department at UC Davis. Gary has co-authored both Java Security (Wiley, 1996) and Securing Java (Wiley, 1999) with Prof. Ed Felten of Princeton University, and Software Fault Injection (Wiley, 1998) with Dr. Jeffrey Voas. He is a regular contributor to popular trade publications, and is often quoted in national press articles. Gary holds a B.A. in Philosophy from the University of Virginia and a dual Ph.D. in Cognitive Science and Computer Science from Indiana University. |
