John Viega

Early life

He earned his BA from the University of Virginia. As an undergraduate, he worked in Randy Pausch's Stage 3 Research Group, as an early contributor to Alice. Viega earned an MS in Computer Science, also from the University of Virginia.

Career

John Viega co-authored the widely used GCM mode of operation for AES, along with David A. McGrew. He also co-designed its predecessor, CWC mode

John Viega was also a pioneer in static analysis for security vulnerabilities. He was responsible for the first publicly available tool, ITS4., as well as the prominent open source Rough Auditing Tool for Security (RATS). He also founded Secure Software, the first commercial vendor for such tools, which was bought by Fortify Software (now part of HP).

John Viega was also the original author of OWASP's CLASP, a lightweight process for relating software development to security. He is also a former editor-in-chief for the IEEE Security & Privacy Magazine. In addition, Viega is the original author of the GNU Mailman mailing list program.

John Viega is Executive Vice President, Products and Engineering at BAE Systems Applied Intelligence. He joined BAE Systems through the 2014 acquisition of SilverSky, a cloud security provider funded by Goldman Sachs and Bessemer Ventures. Prior to SilverSky, Viega was at McAfee, where he was CTO for SaaS, and prior to that, McAfee's Chief Security Architect. He currently teaches at NYU, and has previously taught at Virginia Tech.

He is the co-author of Building Secure Software (Addison Wesley, 2001), which was the first book to teach developers how to write secure software. He has since co-authored a number of additional books on computer security, including The Myths of Security (O'Reilly, 2009), Beautiful Security, (O'Reilly, 2009) Network Security with OpenSSL (O’Reilly, 2002), the Secure Programming Cookbook (O’Reilly, 2003) and the 19 Deadly Sins of Software Security (McGraw Hill, 2005).