Technical Advisory Board

Fortify's Technical Advisory Board consists of group of world-renowned industry and academic experts that provide guidance and feedback on a regular basis. This select group of professionals provides insight, guidance, and a range of different perspectives and expertise to keep the Security Research Group on top of the most important and cutting edge techniques.

• Avi Rubin, Ph.D.
  Dr. Rubin, a Professor of Computer Science at Johns Hopkins University, recently performed a critical analysis of an electronic voting system that focused a national spotlight on the security flaws in these systems. He is co-author of “Firewalls and Internet Security”, (Addison Wesley, 2003), “Web Security Sourcebook” (Wiley, 1997) and author of “White-Hat Security Arsenal” (Addison Wesley, 2001).
• Bill Joy
  Mr. Joy is a Partner at Kleiner Perkins Caufield & Byers. As Chief Scientist of Sun Microsystems, Mr. Joy led Sun's technical strategy from the founding of the company until September 2003. Mr. Joy was a key designer of Sun technologies including Solaris, SPARC, chip architectures and pipelines, and Java. Before co-founding Sun, he designed and wrote Berkeley UNIX. Mr. Joy has more than 40 patents issued or in progress.
• David Wagner, Ph.D.
  Dr. Wagner is a professor in the Computer Science Department of the University of California at Berkeley. Arguably today’s top software security researcher in the field, his research concentrates on the security of large-scale systems, networks and applications of static and dynamic program analysis to computer security. He is well known for his wireless network security and cryptography work.
• Fred Schneider, Ph.D.
  Dr. Schneider is a professor of Computer Science at Cornell University and the Director of Cornell’s Information Assurance Institute. Dr. Schneider is also a Fellow of the Association for Computer Machinery (ACM) and American Association for the Advancement of Science. In addition to Fortify Software, he serves on the technical advisory boards of Intel and Microsoft.
• Gary McGraw, Ph.D.
  Gary McGraw is the CTO of Cigital, Inc., a software security and quality consulting firm with headquarters in the Washington, D.C. area. He is a globally recognized authority on software security and the author of six best selling books on this topic. The latest, Software Security: Building Security In was released in 2006, with Exploiting Online Games slated for release this year. His other titles include Java Security, Building Secure Software, and Exploiting Software; he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications, authors a monthly security column for darkreading.com and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Fortify Software and Raven White. His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean’s Advisory Council for the School of Informatics. Gary is an IEEE Computer Society Board of Governors member and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine.
• Greg Morrisett, Ph.D
  Dr. Morrisett earned his B.S. in Mathematics and Computer Science from the University of Richmond and his Ph.D. in Computer Science from Carnegie Mellon University. He spent about seven years on the faculty of the Computer Science Department at Cornell University. In 2002-03, he took a sabbatical at Microsoft's Cambridge Research Laboratory, and in January of 2004, he moved to Harvard University.
• Li Gong, Ph.D.
  Dr. Li Gong is Chairman and CEO of Mozilla Online Ltd., a China–based subsidiary of the Mozilla Corporation that is well known for the Firefox browser. He was previously Managing Director of Microsoft/MSN in China, and General Manager of Sun Microsystems’s software group in China. Prior to that, he was a Distinguished Engineer and Chief Java Security Architect at JavaSoft, and was an active member of the security research community having served as program chairs of IEEE S&P, IEEE CSFW, and ACM CCS. He holds 11 US patents and is a graduate of Tsinghua University in Beijing with a PhD from Cambridge University.
• Marcus Ranum
  Mr. Ranum is a world–renowned expert on security system design and implementation. He is recognized as the inventor of the proxy firewall and the implementer of the first commercial firewall product. He is Senior Scientist at TruSecure Corporation, an international risk management firm and author of the book “The Myth of Homeland Security” (Wiley, 2003).
• Matt Bishop, Ph.D.
  Dr. Bishop is a professor at the University of California at Davis. He is author of “Computer Security: Art and Science,” (Addison-Wesley, 2002) – the touchstone textbook for the theory and practice of computer security. Dr. Bishop is a frequent author for IEEE Security and Privacy, and remains one of America's preeminent computer security educators.
• William Pugh, Ph.D.
  Dr. Pugh is a professor at the University of Maryland, College Park and a Packard Fellow. He received a Ph.D. in Computer Science from Cornell University where he invented Skip Lists. His current research focus is on developing tools to improve software productivity and reliability. A current product of this effort is the FindBugs static analysis tool for Java.
• John Viega
  John Viega is the CEO of Stonewall Software. Previously, he was Vice President, Chief Security Architect at McAfee, where he worked on technical strategy and M+A (SiteAdvisor, Onigma) and ran a large development organization that included SiteAdvisor and McAfee's core anti-virus and anti-spyware technologies. John was also founder and CTO of Secure Software, which was acquired by Fortify.
  John is a frequent pundit and speaker in the space. He co-author of four books on software security, including Building Secure Software, the Secure Programming Cookbook and the 19 Deadly Sins of Software Security. He has done extensive standards work in the IEEE and IETF, and co-invented GCM, a cryptographic algorithm that NIST has standardized. John has a MS and BA from the University of Virginia.