Security Superstars 2010: Researchers

Security researchers do it because they love it. Working into the wee hours of the morning, often accompanied by cans of Red Bull and cold pizza, security researchers are the driving force behind the security products created to detect attacks and defend IT infrastructure from malicious threats. Equipped with drive and innovation, as well as an innate desire to break into things, they tackle what seems to be the insurmountable challenge of exposing vulnerabilities and squelching elusive and highly sophisticated security threats, such as botnets, Internet worms and Trojan horses. They then risk both public persecution and untold glory in an effort to warn users about vulnerabilities on the devices and applications that many take for granted. Here are a few of the best and brightest.

Dino Dai Zovi is a computer security professional and independent security researcher with expertise in penetration testing, software security auditing and security management. He has co-authored two books, the most recent being The Mac Hacker's Handbook with Apple researcher Charlie Miller. One of his recent claims to fame was a successful hack of a MacBook Pro during the CanSecWest conference.

Kevin Finisterre is the former head of research and co-founder of SNOSoft, aka Secure Network Operations. Kevin's primary focus has been on the dissemination of information relating to the identification and exploitation of software vulnerabilities on various platforms, including Apple, IBM, SAP, Oracle, Symantec and HP. His current brainchild is the project he calls DigitalMunition.com.

Apple researcher Landon Fuller put himself on the company's radar when he released proof-of-concept code for a Java vulnerability in Mac OS X last spring. Fuller claimed to publish the exploit, which was previously exploited in the wild, after attempting in vain to alert Apple of the vulnerability for more than six months.

Robert Graham learned hacking as a toddler from his grandfather, a WW-II codebreaker. He is the author of several pending patents in the IDS field and is a frequent speaker at conferences. Prior to founding Errata Security, he was the CTO, and chief architect at Network ICE (now owned by ISS).

Jeremiah Grossman is an authority on Web application security and founder and CTO of White Hat Security. He is a frequent speaker at industry events including the BlackHat conference, ISACA's Networks Security Conference, NASA, ISSA and DEFCON.

Larry Highsmith is the CEO of information assurance security firm Subreption, a boutique research organization with strong focus on proactive defense technologies. Among other things, Highsmith has extensive security expertise in Linux and Mac platforms.

Bill Hoffman first became famous when, as a student at Georgia Tech, he discovered a security flaw in the campus magnetic ID card system called "BuzzCard" and gave a talk about the security flaw at the Atlanta hacker conference "Interz0ne" in the fall of 2002. Hoffman authored the book Ajax Security and worked as a security researcher at Hewlett-Packard.

Dan Kaminsky is a security researcher and director of penetration testing for IOActive. He formerly worked for Cisco and Avaya. He is renowned in the security industry for his work on a critical DNS cache-poisoning flaw, which he illustrated in numerous talks at BlackHat conferences.

An active contributor to major conferences and leading security initiatives, Paul Kocher is the founder and president of Cryptography Research and leads the company as its president and chief scientist. His accomplishments include discovering timing attacks and Differential Power Analysis, helping author the widely used SSL 3.0 standard, and leading the design of the record-breaking DES Key Search machine. He has recently focused on developing antipiracy technologies for securing digital content.

Nate Lawson is the founder of consulting firm Root Labs, where he focuses on design and review of systems involving embedded and kernel security, crypto and software protection. He has previously worked as a security researcher at Cryptography Research Decru, Nifty Devices, Scient, Infogard, ISS and Elite.Net.

David Litchfield is recognized as one of the world's leading authorities on database security. He is the author of Oracle Forensics, the Oracle Hacker's Handbook, the Database Hacker's Handbook and SQL Server Security and is the co-author of the Shellcoder's Handbook. He is a regular speaker at a number of computer security conferences around the world.

Charlie Miller is a computer security researcher with the consulting firm Independent Security Evaluators, and has also spent five years working for the National Security Agency. One of Miller's most recent claims to fame is demonstrated hacks on Mac OS X and other Mac products, including the detection of a SMS processing vulnerability that allowed hackers to take control of an Apple iPhone.

Jose Nazario is a senior security researcher with Arbor Networks, where he specializes in large-scale Internet trends such as reachability and topology measurement, Internet-scale events such as DDoS attacks, botnets and worms, source code analysis tools and data mining. He is the author of the books Defense and Detection Strategies against Internet Worms and Secure Architectures with OpenBSD.

Joanna Rutkowska is a security specialist, primarily known for her research on stealth malware such as virtual rootkits, and contributions to Windows Vista backdoor installation and hiding techniques. In August 2006 at the BlackHat conference in Las Vegas, Rutkowska presented system compromise techniques that could be used on Windows Vista systems.

Jeff Moss founded BlackHat and DEFCON hacker conferences and has also worked for Ernst & Young LLP in its Information System Security division, and was a director at Secure Computing Corporation. Moss was recently appointed by Homeland Security Secretary Janet Napolitano to the Homeland Security Advisory Council (HSAC). Moss is currently based in Seattle, where he works as a security consultant for a company that is hired to test other companies' computer systems.

Mikko Hypponen is the chief research officer for F-Secure. He has led the team that took down the worldwide network used by the Sobig.F worm in 2003, was the first to warn the world about the Sasser outbreak in 2004 and named the infamous Storm Worm in 2007. Mr. Hypponen has assisted law enforcement in the USA, Europe and Asia on cybercrime cases, and is also an inventor for several patents, including US patent 6,577,920 "Computer virus screening."