Weld Pond

Weld Pond

infobox Scientist


name = Chris Wysopal
birth_date = Birth date and age|1965|12|01|df=y
residence =
citizenship =
field = Computer science
work_institutions = L0pht
@stake
Symantec
Veracode
alma_mater = Rensselaer Polytechnic Institute
known_for = Security

Chris Wysopal (also known as Weld Pond) is a computer security expert and CTO of Veracode. He was a member of the high profile hacker think tank, the L0pht where he was a vulnerability researcher.

Chris Wysopal was born in 1965 in New Haven, Connecticut, his mother an educator and his father an engineer. He attended Rensselaer Polytechnic Institute in Troy, New York where he received a bachelor's degree in computer systems and engineering in 1987. Wysopal is married to real estate broker Debra Kavaler.

Career

He was the seventh member to join the L0pht. His projects there included L0phtCrack and Netcat for Windows. He was also webmaster/graphic designer for the L0pht's web site, and for Hacker News Network (the first hacker blog). He researched and published security advisories on vulnerabilities in Microsoft Windows, Lotus Domino, Microsoft IIS, and ColdFusion. Weld was one of the seven L0pht members who testified before a Senate committee in 1998 that they could bring down the Internet in 30 minutes. When L0pht was acquired by @stake in 1999, he became the manager of @stake's Research Group and later became @stake's Vice President of Research and Development. In 2004, when @stake was acquired by Symantec, he became its Director of Development.

He was instrumental in developing industry guidelines for disclosing a software security vulnerability responsibly. He was a contributor to the first vulnerability disclosure policy, RFPolicy. In 2002, along with Steve Christey of MITRE, he proposed an IETF RFC titled "Responsible Vulnerability Disclosure Process". The process was eventually rejected by the IETF as not within their purview. However, the process did become the foundation for [http://www.oisafety.com/ Organization for Internet Safety] , an industry group bringing together software vendors and security researchers, of which he was a founder. In 2003 he testified before a United States House of Representatives subcommittee on the topic of vulnerability research and disclosure. In 2001, he founded the non-profit, full disclosure mailing list, VulnWatch, for which was a moderator.

In 2008, Chris was recognized for his achievements in the IT industry by being named one of the [http://www.eweek.com/c/a/IT-Management/100-Most-Influential-People-in-IT/4/ 100 Most Influential People in IT] by eWeek and selected as one of the [http://www.infoworld.com/article/08/06/02/23FE-cto25-wysopal_1.html InfoWorld CTO 25] .

Bibliography

Books
*cite book
author = Wysopal, Chris
coauthors = Lucas Nelson, Dino Dai Zovi, Elfriede Dustin
date = November 1 2006
title = The Art of Software Security Testing
edition = (First Edition)
publisher = Addison-Wesley
id = ISBN 0-321-304865-1

Articles
* cite news
url=http://news.zdnet.com/2100-9595_22-523048.html
title=Do Security Holes Demand Full Disclosure
last=Wysopal
first=Chris
date=August 16, 2000
publisher=ZDNet News
* cite news
url=http://news.zdnet.com/2100-9595_22-524352.html
title=Why the world needs reverse engineers
last=Wysopal
first=Chris
date=October 9, 2000
publisher=ZDNet News
* cite news
url=http://www.usenix.org/publications/login/2003-12/pdfs/wysopal.pdf
title=Learning Security QA from Vulnerability Researchers
last=Wysopal
first=Chris
date=December 2003
publisher=USENIX ;login:
* cite news
url=http://www.stickyminds.com/s.asp?F=S8260_MAGAZINE_2
title=Case Your Own Joint
last=Wysopal
first=Chris
date=October 2004
publisher=Better Software Magazine
* cite news
url=http://www.usenix.org/publications/login/2004-12/pdfs/code.pdf
title=Putting Trust in Software Code
last=Wysopal
first=Chris
date=December 2004
publisher=USENIX ;login:
* cite news
url=http://www.gcn.com/print/25_21/41397-1.html
title=Government IT security begins at app level
last=Wysopal
first=Chris
date=July 24, 2006
publisher=Government Computer News
* cite news
url=http://www.scmagazineus.com/Building-security-into-your-software-development-lifecycle/article/104705/
title=Building security into your software-development lifecycle
last=Wysopal
first=Chris
date=January 30, 2008
publisher=SC Magazine

External links

* [http://hsgac.senate.gov/l0pht.htm U.S. Senate Press Release: HEARINGS ANNOUNCED ON COMPUTER SECURITY FAILURES IN GOVERNMENT]
* [http://tools.ietf.org/draft/draft-christey-wysopal-vuln-disclosure/draft-christey-wysopal-vuln-disclosure-00.txt Responsible Vulnerability Disclosure Process]
* [http://www.iwar.org.uk/comsec/resources/worm-virus-defense/wysopal-09-10-03.pdf Hearing on “Worm and Virus Defense: How Can We Protect the Nation’s Computers from These Threats?”]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать курсовую

Look at other dictionaries:

  • Pond (disambiguation) — Pond may refer to:* Pond, a body of water smaller than a lake * Pond (asteroid), a flat or smooth deposit of fine regolith on an asteroid * Pond (currency), used in the Orange Free State, the South African Republic, and New Griqualand * Pond… …   Wikipedia

  • Stephen Minot Weld, Jr. — Gen. Stephen Minot Weld Jr. (1842–1920), a member of Boston s illustrious Weld Family, was a horticulturalist and much decorated U.S. Army officer of the American Civil War.Early lifeWeld prepared for higher education at the Jamaica Plain… …   Wikipedia

  • L0pht — Infobox computer underground group name = L0pht Heavy Industries caption = LHI Logo origin = Boston, Massachusetts country = United States status = inactive years active = 1992 ndash;2000 category = hacker think tank founders = Count Zero White… …   Wikipedia

  • Chris Wysopal — Born 1 December 1965 (1965 12 01) (age 45) R …   Wikipedia

  • Christien Rioux — DilDog redirects here. For Dilbert s dog, see Dogbert. Christien Rioux Residence U.S …   Wikipedia

  • L0phtCrack — Infobox Software name = L0phtCrack caption = The result of a quick audit on an example password list provided with the program. collapsible = yes developer = Peiter Zatko (Mudge), Chris Wysopal (Weld Pond), Christien Rioux (DilDog), Rob Cheyne,… …   Wikipedia

  • Dildog — is also the original name of Dogbert. DilDog is the handle that Christien Rioux [ [http://www.csoonline.com/read/040107/fea lopht.html L0pht in Transition] , April, 2007. Retrieved May 3, 2007.] used while at MIT and at L0pht Heavy Industries in… …   Wikipedia

  • List of Rensselaer Polytechnic Institute people — This is a list of people associated with Rensselaer Polytechnic Institute, including Presidents, Alumni, Professors, and Researchers. Presidents of Rensselaer Polytechnic Institute For a list of the highest elected student leaders at RPI see List …   Wikipedia

  • L0pht — Heavy Industries Fundación 1992 Fundador(es) Count Zero White Knight Brian Oblivion Golgo 13 Desaparición Enero de 2000 Sede …   Wikipedia Español

  • Jamaica Plain, Massachusetts — Jamaica Plain, commonly known as JP , is a historic neighborhood of 4.4 sq. miles in Boston, Suffolk County, Massachusetts, United States. Founded by Boston Puritans seeking farm land to the south, it was originally part of the city of Roxbury.… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”