- unknown (b.)
Partner Director of Software Security in Trustworthy Computing Security at Microsoft, he has forty years’ experience in cybersecurity and is named as inventor on twelve U.S. patents and two pending applications in the field of computer and network security. He helped form and served on the Anderson Panel for the Air Force in the early 1970’s as MITRE Corporation’s representative, oversaw path-breaking computer security high assurance mathematical model work at MITRE later that decade, and was a leader in Digital Equipment Corporation’s (DEC) effort to build an A1 (TCSEC certification) system in the 1980’s. He served two terms on the United States Information Security and Privacy Advisory Board. He holds S.B. and S.M. Degrees from the Massachusetts Institute of Technology (MIT) and attended the Harvard Business School’s Program for Management Development. He was responsible for the Microsoft Security Response Center from 1999 to 2003. He leads Microsoft’s Security Development Lifecycle (SDL) team and is responsible for the definition, support and application of Microsoft’s SDL process and for tools and programs to make the SDL available to organizations beyond Microsoft. SDL is a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost. He is also responsible for Microsoft’s corporate strategies and policies for supply chain security and for strategies related to government security evaluation of Microsoft products. He is coauthor of The Security Development Lifecycle and is named as inventor on twelve U.S. patents and two pending applications in the field of computer and network security. He serves as a Board member and Chair of SAFECode.
Noted For:Responsible for the definition, support and application of Microsoft’s SDL process
Category of Achievement: