Chris Wysopal

Chris Wysopal
Chris Wysopal

Born 1 December 1965 (1965-12-01) (age 45)
Residence Flag of the United States.svg U.S.
Citizenship Flag of the United States.svg American
Fields Computer science
Institutions L0pht
@stake
Symantec
Veracode
Alma mater Rensselaer Polytechnic Institute
Known for Security

Chris Wysopal (also known as Weld Pond) is a computer security expert and CTO of Veracode. He was a member of the high profile hacker think tank the L0pht where he was a vulnerability researcher.

Chris Wysopal was born in 1965 in New Haven, Connecticut, his mother an educator and his father an engineer. He attended Rensselaer Polytechnic Institute in Troy, New York where he received a bachelor's degree in computer systems and engineering in 1987.

Career

He was the seventh member to join the L0pht. His projects there included Netcat and L0phtCrack for Windows. He was also webmaster/graphic designer for the L0pht website and for Hacker News Network, the first hacker blog. He researched and published security advisories on vulnerabilities in Microsoft Windows, Lotus Domino, Microsoft IIS, and ColdFusion. Weld was one of the seven L0pht members who testified before a Senate committee in 1998 that they could bring down the Internet in 30 minutes. When L0pht was acquired by @stake in 1999 he became the manager of @stake's Research Group and later @stake's Vice President of Research and Development. In 2004 when @stake was acquired by Symantec he became its Director of Development.

Wysopal was instrumental in developing industry guidelines for responsible disclosure of software vulnerabilities. He was a contributor to RFPolicy, the first vulnerability disclosure policy. Together with Steve Christey of MITRE he proposed an IETF RFC titled "Responsible Vulnerability Disclosure Process" in 2002. The process was eventually rejected by the IETF as not within their purview but the process did become the foundation for Organization for Internet Safety, an industry group bringing together software vendors and security researchers of which he was a founder. In 2003 he testified before a United States House of Representatives subcommittee on the topic of vulnerability research and disclosure. In 2001 he founded the non-profit full disclosure mailing list VulnWatch for which was moderator.

In 2008 Wysopal was recognized for his achievements in the IT industry by being named one of the 100 Most Influential People in IT by eWeek and selected as one of the InfoWorld CTO 25. In 2010 he was named a SANS Security Thought Leader.

Bibliography

Books

  • Wysopal, Chris; Lucas Nelson, Dino Dai Zovi, Elfriede Dustin (November 1, 2006). The Art of Software Security Testing ((First Edition) ed.). Addison-Wesley. ISBN 0-321-304865-1. 

Articles

External links



Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • Weld Pond — infobox Scientist name = Chris Wysopal birth date = Birth date and age|1965|12|01|df=y residence = citizenship = field = Computer science work institutions = L0pht @stake Symantec Veracode alma mater = Rensselaer Polytechnic Institute known for …   Wikipedia

  • Pond (disambiguation) — Pond may refer to:* Pond, a body of water smaller than a lake * Pond (asteroid), a flat or smooth deposit of fine regolith on an asteroid * Pond (currency), used in the Orange Free State, the South African Republic, and New Griqualand * Pond… …   Wikipedia

  • List of Rensselaer Polytechnic Institute people — This is a list of people associated with Rensselaer Polytechnic Institute, including Presidents, Alumni, Professors, and Researchers. Presidents of Rensselaer Polytechnic Institute For a list of the highest elected student leaders at RPI see List …   Wikipedia

  • L0phtCrack — Infobox Software name = L0phtCrack caption = The result of a quick audit on an example password list provided with the program. collapsible = yes developer = Peiter Zatko (Mudge), Chris Wysopal (Weld Pond), Christien Rioux (DilDog), Rob Cheyne,… …   Wikipedia

  • Netcat — Developer(s) *Hobbit* Stable release 1.10 / March 20, 1996 Operating system UNIX …   Wikipedia

  • Dildog — is also the original name of Dogbert. DilDog is the handle that Christien Rioux [ [http://www.csoonline.com/read/040107/fea lopht.html L0pht in Transition] , April, 2007. Retrieved May 3, 2007.] used while at MIT and at L0pht Heavy Industries in… …   Wikipedia

  • @stake — @stake, Inc. was a computer security professional services company in Cambridge, Massachusetts, United States. It was founded in 1999 by Battery Ventures (Tom Crotty, Sunil Dhaliwal, and Scott Tobin) and Ted Julian. Its initial core team of… …   Wikipedia

  • NTLM — In a Windows network, NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.[1][2][3] NTLM is the successor to the authentication protocol in Microsoft LAN Manager… …   Wikipedia

  • Netcat — Screenshot einer Anwendungsmöglichkeit von Netcat Netcat, auch nc genannt, ist ein einfaches Werkzeug, um Daten von der Standardein oder ausgabe über Netzwerkverbindungen zu transportieren. Es arbeitet als Server oder Client mit den Protokollen… …   Deutsch Wikipedia

  • Internet Explorer 6 — En este artículo se detectaron los siguientes problemas: Carece de fuentes o referencias que aparezcan en una fuente acreditada. Parece ser una traducción defectuosa. Por favor …   Wikipedia Español

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”