Siddhesh Joshi (Editor)

Chris Wysopal

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit
Citizenship
  
American

Known for
  
Security

Name
  
Chris Wysopal

Children
  
3

Board member of
  
Veracode


Chris Wysopal Chris Wysopal RSA Conference

Born
  
1 December 1965 (age 58) (
1965-12-01
)
New Haven, Connecticut United States North America

Residence
  
Concord, Massachusetts, U.S.

Alma mater
  
Rensselaer Polytechnic Institute

Spouse(s)
  
Debra Kavaler Wysopal (m. 2008)

Education
  
Rensselaer Polytechnic Institute

Books
  
The Art of Software Security Testing: Identifying Software Security Flaws

00 Passwords 2015 Keynote 1: Chris Wysopal


Chris Wysopal (also known as Weld Pond) is an entrepreneur, computer security expert and CTO of Veracode. He was a member of the high-profile hacker think tank the L0pht where he was a vulnerability researcher.

Contents

Chris Wysopal How I Got Here Chris Wysopal Threatpost The first

Chris Wysopal was born in 1965 in New Haven, Connecticut, his mother an educator and his father an engineer. He attended Rensselaer Polytechnic Institute in Troy, New York where he received a bachelor's degree in computer and systems engineering in 1987.

Chris Wysopal wwwveracodecomsitesdefaultfilesChrisW1jpg

Art of software security testing chris wysopal


Career

Chris Wysopal Chris Wysopal on Bloomberg Companies Still Vulnerable to

He was the seventh member to join the L0pht. His development projects there included Netcat and L0phtCrack for Windows. He was also webmaster/graphic designer for the L0pht website and for Hacker News Network, the first hacker blog. He researched and published security advisories on vulnerabilities in Microsoft Windows, Lotus Domino, Microsoft IIS, and ColdFusion. Weld was one of the seven L0pht members who testified before a Senate committee in 1998 that they could bring down the Internet in 30 minutes. When L0pht was acquired by @stake in 1999 he became the manager of @stake's Research Group and later @stake's Vice President of Research and Development. In 2004 when @stake was acquired by Symantec he became its Director of Development. In 2006 he founded Veracode with Christien Rioux.

Chris Wysopal Chris Wysopal SecTor 2017

Wysopal was instrumental in developing industry guidelines for responsible disclosure of software vulnerabilities. He was a contributor to RFPolicy, the first vulnerability disclosure policy. Together with Steve Christey of MITRE he proposed an IETF RFC titled "Responsible Vulnerability Disclosure Process" in 2002. The process was eventually rejected by the IETF as not within their purview but the process did become the foundation for Organization for Internet Safety, an industry group bringing together software vendors and security researchers of which he was a founder. In 2001 he founded the non-profit full disclosure mailing list VulnWatch for which was moderator. In 2003 he testified before a United States House of Representatives subcommittee on the topic of vulnerability research and disclosure.

Chris Wysopal Amazoncom Chris Wysopal Books Biography Blog Audiobooks Kindle

In 2008 Wysopal was recognized for his achievements in the IT industry by being named one of the 100 Most Influential People in IT by eWeek and selected as one of the InfoWorld CTO 25. In 2010 he was named a SANS Security Thought Leader. In 2012, he began serving on the Black Hat Review Board. He was named one of the Top 25 Disruptors of 2013 by Computer Reseller News. In 2014 he was named one of 5 Security Thought Leaders by SC Magazine.

Works

Chris Wysopal Talking business about security Chris Wysopal CoFounder CTO

  • Wysopal, Chris; Lucas Nelson; Dino Dai Zovi; Elfriede Dustin (November 1, 2006). The Art of Software Security Testing. Addison-Wesley. ISBN 0321304861. 
  • Shostack, Adam (February 17, 2014). Chris Wysopal, eds. Threat Modeling: Designing for Security. Wiley. ISBN 1118809998. CS1 maint: Uses editors parameter (link)

    • References

    Chris Wysopal Wikipedia
    (Text) CC BY-SA