Richard Bejtlich (S4, M4) is founder of TaoSecurity, a company
that helps clients detect, contain, and remediate intrusions using network
security monitoring (NSM) principles. He was previously a principal
consultant at Foundstone, performing incident response, emergency NSM, and
security research and training. He has created NSM operations for ManTech
International Corporation and Ball Aerospace & Technologies Corporation. From
1998 to 2001, Richard defended global American information assets
in the Air Force Computer Emergency Response Team (AFCERT), performing and
supervising the real-time intrusion detection mission.
Formally trained as an intelligence officer, he holds degrees from Harvard
University and the United States Air Force Academy. Richard wrote The Tao of Network
Security Monitoring: Beyond Intrusion Detection and the forthcoming
Extrusion Detection: Security Monitoring for Internal Intrusions and Real
Digital Forensics. He also wrote original material for Hacking
Exposed, 4th Edition, Incident Response, 2nd Edition, and Sys Admin magazine. Richard holds the CISSP, CIFI, and CCNA certifications. His popular
Web log resides at https://taosecurity.blogspot.com.
Tina Bird (M2) brings rigorous scientific discipline, a wealth of network
administration and Internet security expertise, and substantial
teaching experience to her role as the Security Architect for
InfoExpress. At InfoExpress, Tina provides strategic guidance in the development
of the CyberGatekeeper product line, as well as researching new
vulnerabilities and exploits. She represents InfoExpress in the
Trusted Computing Group's Trusted Network Connect subgroup. She also writes and speaks about policy enforcement technologies in
general, including 802.1x, standards-based enforcement mechanisms
and Cisco's Network Admission Control, as well as talks specifically
geared towards InfoExpress products.
Tina moderates the Log Analysis and VPN mailing lists; with Marcus Ranum, she
Previously she was responsible for technical review and implementation
of Internet firewalls, virtual private networks, and authentication
systems at Cerner Corporation, and subsequently for
Secure Network Group; the Director of Network
Intelligence at Counterpane Internet Security; and a Computer
Security Officer for Stanford University.
Sven Dietrich (T2) is a senior member of the technical staff at CERT Research at
Carnegie Mellon University and also holds an appointment at the Carnegie
Mellon University CyLab, a university-wide cybersecurity research and
education initiative. Previously he was
a senior security architect at the NASA Goddard Space Flight Center, where
he observed and analyzed the first distributed denial-of-service attacks
against the University of Minnesota in 1999. He taught Mathematics and
Computer Science as adjunct faculty at Adelphi University, his alma mater,
from 1991 to 1997.
His research interests include survivability, computer and network
security, anonymity, cryptographic protocols, and cryptography. His
previous work has included a formal analysis of the secure sockets layer
protocol (SSL), intrusion detection, analysis of distributed
denial-of-service tools, and the security of IP communications in space.
His publications include the recent book Internet Denial of Service:
Attack and Defense Mechanisms (Prentice Hall, 2004), as well as
the articles "Analyzing Distributed Denial of Service Tools: The Shaft
Case" (2000) and "The 'mstream' Distributed Denial of Service Tool"
(2000), and others on Active Network Defense, DDoS tool analysis, and
David Dittrich (T2) is a Senior Security Engineer and Researcher for the UW
Center for Information Assurance and Cybersecurity and the Information
School at the University of Washington, where he has worked since 1990. Dave is also a member of the
Honeynet Project and Seattle's "Agora" security group.
He is most widely known for his research into Distributed Denial of
Service (DDoS) attack tools and host & network forensics. He has
presented talks and courses at dozens of computer security
conferences, workshops, and government/private organizations
worldwide. He has been a prolific self-publisher of white papers, FAQs,
and malware tool analyses, all intended to make his (and everyone
else's) life easier in dealing with computer intrusions. Dave has
contributed to the books Know Your Enemy, by the Honeynet Project
(Addison-Wesley, 2001), The Hacker's Challenge, edited by Mike
Schiffman (McGraw Hill, 2001), and two articles in the Handbook of
Information Security, edited by Hossein Bidgoli (John Wiley & Sons,
2005), and was another co-author of Internet Denial of Service:
Attack and Defense Mechanisms (Prentice Hall, 2004).
Ron Dodge (T3) is the director of the Information Technology Operations Center and
an assistant professor in the Department of Electrical Engineering and
Computer Science at the US Military Academy. His research
interests include information warfare, security protocols, Internet
technologies, and performance planning and capacity management. Dodge
received a PhD in computer science from George Mason University. Contact him
Rik Farrow (S1, M1) provides UNIX and Internet security consulting and training. He has been working with UNIX system security since 1984 and with TCP/IP networks since 1988. He has taught at the IRS, Department of Justice, NSA, NASA, US West, Canadian RCMP, Swedish Navy, and for many US and European user groups. He is the author of UNIX System Security, published by Addison-Wesley in 1991, and System Administrator's Guide to System V (Prentice Hall, 1989). Farrow writes a column for ;login: and a network security column for Network magazine. Rik lives with his family in the high desert of northern Arizona and enjoys hiking and mountain biking when time permits.
Peter Baer Galvin (T1) is the Chief Technologist for Corporate Technologies, Inc., a systems integrator and VAR, and was the Systems Manager for Brown University's Computer Science Department. He has written articles
for Byte and other magazines. He wrote the "Pete's Wicked World" and
"Pete's Super Systems" columns at SunWorld. He is currently
contributing editor for Sys Admin, where he manages the Solaris
Corner. Peter is co-author of the Operating Systems Concepts and Applied Operating Systems Concepts textbooks. As a consultant and trainer, Peter has taught tutorials on security and system administration and has given talks at many conferences and institutions on such topics as Web
services, performance tuning, and high availability.
Brad C. Johnson (T4) is vice president of SystemExperts Corporation. He has participated in seminal industry initiatives such as the Open Software
Foundation, X/Open, and the IETF, and has been published in such journals as
Digital Technical Journal, IEEE Computer Society Press, Information Security
Magazine, Boston Business Journal, Mass High Tech Journal, ISSA Password
Magazine, and Wall Street & Technology. Brad is a regular tutorial instructor and conference speaker on topics
related to practical network security, penetration analysis, middleware,
and distributed systems. He holds a B.A. in computer science from Rutgers University and an M.S. in
applied management from Lesley University.
Richard E. Mackey, Jr. (T4) is principal of SystemExperts Corporation.
Dick Mackey is regarded as one of the industry's foremost authorities on
distributed computing infrastructure and security. Before joining
SystemExperts, he worked in leading technical and director positions at The
Open Group, The Open Software Foundation (DCE), and BBN Corporation (Cronus
Distributed Computing Environment). He has been published often in security
magazines such as ISSA Password, .NET, Information Security, and SC Secure
Computing. He is a regular speaker on computer security topics at various
industry conferences. Dick has a B.S. and an M.S. in Electrical and Computer Engineering from the University of Massachusetts at Amherst.
Gary McGraw (M3), Cigital, Inc.'s CTO, researches software security and sets
technical vision in the area of Software Quality Management. Dr. McGraw is co-author of five best-selling books: Exploiting Software
(Addison-Wesley, 2004), Building Secure Software (Addison-Wesley, 2001),
Software Fault Injection (Wiley, 1998), Securing Java (Wiley, 1999), and
Java Security (Wiley, 1996). A noted authority on software and
application security, Dr. McGraw consults with major software producers
and consumers. He has written over sixty peer-reviewed
technical publications and functions as principal investigator on grants
from Air Force Research Labs, DARPA, National Science Foundation, and
NIST's Advanced Technology Program. He serves on Advisory Boards of
Authentica, Counterpane, and Fortify Software, as well as advising the
CS Department at UC Davis. Dr. McGraw holds a dual PhD in Cognitive
Science and Computer Science from Indiana University and a BA in
Philosophy from UVa. He writes a monthly security column for Network
magazine, is the editor of "Building Security In" for IEEE Security &
Privacy magazine, and is often quoted in national press articles.
Dan Ragsdale (T3) is the director of the Information Technology Program and an
associate professor at the US Military Academy. His
research interests include information assurance, network security, intrusion
detection, and artificial intelligence. Ragsdale received a PhD in computer
science from Texas A&M. Contact him at email@example.com.
Marcus Ranum (S3) is Chief Security Officer at Tenable Security, Inc., and a world-renowned expert
on security system design and implementation.
He is recognized as the inventor of the proxy firewall and the
implementer of the first commercial firewall product. Since the
late 1980s, he has designed a number of groundbreaking security
products, including the DEC SEAL, the TIS firewall toolkit, the
Gauntlet firewall, and NFR's Network Flight Recorder intrusion
detection system. He has been involved in every level of operations
of a security product business, from developer, to founder and CEO
of NFR. Marcus has served as a consultant to many FORTUNE 500 firms
and national governments, as well as serving as a guest lecturer
and instructor at numerous high-tech conferences. In 2001, he was
awarded the TISC Clue award for service to the security community,
and he holds the ISSA lifetime achievement award.