The 15 Most Influential People in Security Today

 
 
By Ryan Naraine  |  Posted 2008-02-12
 
 
 

The 15 Most Influential People in Security Today

 

The 15 Most Influential People in Security Today

The 15 Most Influential People in Security Today - 1. Tavis Ormandy, Google Security Team

As goes Google, so goes Web 2.0 security. Tavis Ormandy, one of the most visible hackers/researchers on the Google Security Team, faces the unenviable responsibility of making sure all of Google's products pass the security smell test. An open-source security guru, Ormandy is tasked with identifying and analyzing vulnerabilities and exploits--and with getting them fixed before the bad guys can do damage. He is also co-lead of the Gentoo Security Team, shoring up the security of the Linux distribution.

The 15 Most Influential People in Security Today - 1. Tavis Ormandy, Google Security Team

The 15 Most Influential People in Security Today - 2. Ivan Krstic, One Laptop Per Child

The XO laptop (previously known as the $100 laptop) is poised to create a computing monoculture, and it-

The 15 Most Influential People in Security Today - 2. Ivan Krstic, One Laptop Per Child

The 15 Most Influential People in Security Today - 3. Chris Paget, IOActive

Chris Paget's demonstration of an RFID cloner at last year's Black Hat and RSA Security conferences helped to draw attention to major weaknesses in a technology that's becoming more and more mainstream. He showed how easy it is to build a working RFID tag cloner as part of a larger effort to underscore the insecurity of wireless technology.

The 15 Most Influential People in Security Today - 3. Chris Paget, IOActive

The 15 Most Influential People in Security Today - 4. Bunnie Huang, Bunnie Studios

The frontier of computer security isn't the next Windows operating system; it's the tiny computers embedded into everything we make, from cell phones to microwaves to alarm clocks. And the most visible person working out in the Wild West of hardware hacking is Bunnie Huang. Huang is an MIT PhD, founder of Chumby, breaker of the original Xbox and referee of the monthly "Name That Ware" contest. What-

The 15 Most Influential People in Security Today - 4. Bunnie Huang, Bunnie Studios

The 15 Most Influential People in Security Today - 5. Michal Zalewski, Google

Before joining the search marketing giant as an information security engineer, Michal Zalewski launched an all-out assault on the security models of modern Web browsers, exposing critical vulnerabilities in Microsoft's Internet Explorer and Firefox. His public disclosure of those flaws went a long way to hardening the browsers. Now a member of Google's security team, he continues to find and report bugs in Apple's Mac OS X and to use his hacking skills to help secure Google's long list of Internet-facing products.

The 15 Most Influential People in Security Today - 5. Michal Zalewski, Google

The 15 Most Influential People in Security Today - 6. Window Snyder

A former Microsoft security strategist, Window Snyder borrowed a page from Redmond's playbook and introduced a comprehensive-threat modeling and penetration-testing routine to Mozilla, where she now works as "Chief security something or other..." Snyder's behind-the-scenes security efforts--which include outside hacker teams conducting simulated attacks on Firefox 3--are sure to pay off for the open-source alternative Web browser.

The 15 Most Influential People in Security Today - 6. Window Snyder

The 15 Most Influential People in Security Today - 7. The MOAB Hackers

Spurred on by apathy--some would say arrogance--of the Mac faithful toward security, a group of hackers decided to document and disclose vulnerabilities in the Apple ecosystem every day throughout the month of January. What followed was the "Month of Apple Bugs," an eye-opening effort that forced Apple's security response team into action and helped speed up the delivery of security updates from Cupertino.

The 15 Most Influential People in Security Today - 7. The MOAB Hackers

The 15 Most Influential People in Security Today - 8. Dino Dai Zovi

Where the "Month of Apple Bugs" exposed Mac OS X security holes in a theoretical way, New York-based researcher Dino Dai Zovi took it a step further, launching a remote code execution attack against a fully patched MacBook Pro as part of a contest at the CanSecWest security conference. Dai Zovi's attack confirmed for many that malware-delivery attacks against Apple's OS are a reality.

The 15 Most Influential People in Security Today - 8. Dino Dai Zovi

The 15 Most Influential People in Security Today - 9. Michael Howard, Microsoft

No list of this sort is complete without the inclusion of Michael Howard, co-author of Microsoft's SDL (Security Development Lifecycle), the mandatory software coding approach that builds security into every conceivable layer. Howard's work helped make Windows Vista Microsoft-

The 15 Most Influential People in Security Today - 9. Michael Howard, Microsoft

The 15 Most Influential People in Security Today - 10. HD Moore, Metasploit

A rock star in hacker circles, HD Moore continues to push the vulnerability research envelope with his free Metasploit exploit development and penetration testing framework. The freely available point-and-click hacking tool is constantly refreshed to keep pace with security research, and now includes built-in support for breaking into Apple's iPhone, full support for the Windows platform (including GUI) and more than 450 modules and about 265 remote exploits.

The 15 Most Influential People in Security Today - 10. HD Moore, Metasploit

The 15 Most Influential People in Security Today - 11. Dave Aitel, Immunity

Founder of the widely read Daily Dave mailing list and a skilled hacker in his own right, Dave Aitel's delivery of proof-of-concepts and exploits in the commercial CANVAS attack tool go a long way toward helping businesses and IDS (intrusion detection system) vendors determine risk from known--and unknown--vulnerabilities.

The 15 Most Influential People in Security Today - 11. Dave Aitel, Immunity

The 15 Most Influential People in Security Today - 12. Bronwen Matthews, Microsoft

A key part of Microsoft's mandatory SDL process is Bronwen Matthews' responsibility. A Trustworthy Computing security program manager, Matthews manages the vendor selection process for security researchers, penetration testers and expert instructors. In this role, she controls the budget for outside hacking teams hired to break Microsoft's products, spreading her influence in two parts: security of the Windows ecosystem and, more importantly, funding the startups that promote the best in security research.

The 15 Most Influential People in Security Today - 12. Bronwen Matthews, Microsoft

The 15 Most Influential People in Security Today - 13. John Pescatore, Gartner

You could say that John Pescatore, a vice president and research fellow at Gartner, owns and controls the venture capital pipeline for security. In many ways, Pescatore's work determines enterprise spending at a very high level, influencing the delivery of Internet-facing products.

The 15 Most Influential People in Security Today - 13. John Pescatore, Gartner

The 15 Most Influential People in Security Today - 14. Rob Thomas and Team Cymru

When it comes to tracking malicious Internet activity worldwide, no one does it better--or is more respected--than Rob Thomas and Team Cymru. A U.S. non-profit, Team Cymru is seen as the Tier 1 ISP honeynet project, conducting in-depth research into the -

The 15 Most Influential People in Security Today - 14. Rob Thomas and Team Cymru

The 15 Most Influential People in Security Today - 15. Stefan Esser, Hardened PHP Project

If there's a security hole in PHP, chances are it was found by Stefan Esser, an open-source security specialist. Esser's advisories about flaws in Linux, NetBSD, Samba, Ethereal, CVS, Subversion, MySQL and PHP are legendary. He is also known as the first hacker to completely break the DRM (digital rights management) scheme of the Microsoft Xbox with software-only exploits. His "Month of PHP Bugs" project thoroughly exposed the insecure nature of the widely deployed PHP language and forced a rethink about security in the open-source world.

The 15 Most Influential People in Security Today - 15. Stefan Esser, Hardened PHP Project

Rocket Fuel