John Viega

contact: <my last name> at viega.org

Work

Founder and CEO, Stonewall Software

Writings

John is the co-author of four books on application security, Building Secure Software (Addison Wesley, 2001), Network Security with OpenSSL (O’Reilly, 2002), the Secure Programming Cookbook (O’Reilly, 2003) and the 19 Deadly Sins of Software Security (McGraw Hill, 2005).

He also built the original CLASP application security process, which is available on-line.

Biography

Before Stonewall, John was Vice President, Chief Security Architect at McAfee, where he worked on technical strategy and M+A (SiteAdvisor, Onigma) and ran a large development organization that included SiteAdvisor and McAfee's core anti-virus and anti-spyware technologies. John was also founder and CTO of Secure Software, which was acquired by Fortify. John received an MS in Computer Science and a BA from the University of Virginia.

Research and Development

John’s research areas have included application security, cryptography, programming languages and usability. He co-developed GCM, a mode of operation for block ciphers such as AES that has been incorporated into IPSec and the 802.1AE draft document, and is currently being standardized by NIST.

Free and Open Source Software

Despite being cautious about embracing the open source security theory, John has been involved in many open source projects. He was the original author of the Mailman mailing list manager, and has been author or co-author of many other free projects, including RATS, SafeStr, XXL and ITS4.

Hobbies

John wishes he had more time for his kids, bridge and baseball.