Tripwire Guest Authors
Tripwire invites topical posts on security and risk management from some of the leading experts in the field. The opinions expressed in the articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc. If you are interested in contributing to The State of Security Blog, please contact us socialmediastrategies[ at ]tripwire[ dot ]com.
Tripwire Guest Authors has contributed 750 posts to The State of Security.
Lamar Bailey is responsible for leading Tripwire's Vulnerability and Exposures Research Team (VERT), which is comprised of world-renowned security engineers and researchers who scour the globe looking for the latest public and private vulnerabilities, then write detection algorithms based on a propriety OS, Application, and threat fingerprinting techniques for inclusion in Tripwire's commercial Vulnerability Management products.
The Tripwire Vulnerability Assessment engine is part of IP360 and it is the brains for detecting network assets and evaluating these assets using the VERT algorithms. This team is comprised of world class software developers/engineers with low level understanding system and network programming.
Lamar Bailey has contributed 11 posts to The State of Security.
David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.
David Bisson has contributed 1,090 post to The State of Security.
Keirsten Brager, CISSP, CASP, is a Tripwire Resident Engineer at a major power utility, graduate student in cyber security, and Saints fan.
キルスティン・ブラジャー は CISSP および CASP の資格を保持し、現在は Tripwire のレジデントエンジニアとして大手電力会社で勤務しています。彼女はサイバーセキュリティ専攻の大学院生であり、セインツのファンでもあります。
Keirsten Brager has contributed 4 posts to The State of Security.
Before joining Tripwire, Chris spent over 18 years leading cyber security initiatives for Fortune 500s and others. During that time he was responsible for securing over $1 trillion in acquired assets in the US, UK, Germany, Greece & Russia. His broad industry experience includes aerospace, financial, critical infrastructure, manufacturing and high-tech while his technical experience covers everything from mainframe to cloud (SaaS, PaaS & IaaS). At Tripwire Chris is the Manager of Security Content & Research and is loving every minute of it.
Chris Conacher has contributed 8 posts to The State of Security.
Bob Covello (@BobCovello) is a 20-year technology veteran and InfoSec analyst with a passion for security topics. He is also a volunteer for various organizations focused on advocating for and advising others about staying safe and secure online.
Bob Covello has contributed 46 posts to The State of Security.
Karen Cummins is the Director of Federal Sales at Tripwire and promotes the success of civilian Federal agencies with a broad and robust portfolio of solutions for managing critical security controls, including both agent-based and agentless Security Configuration Management, Log Management, Vulnerability Management, and File Integrity Monitoring.
ケレン・カミンズ は Tripwire の政府担当セールスディレクターです。 彼女は、重要なセキュリティコントロールの管理を行うための広範で強力なポートフォリオ（エージェントベースおよびエージェントレスのセキュリティコンフィギュレーション管理、ログ管理、脆弱性管理、ファイル整合性モニタリングソリューション）を提案し、政府・行政当局の業務をサポートしています。
Keren Cummins has contributed 5 posts to The State of Security.
A senior level Information Technology professional with over 30 years of experience in management, consulting and service provision. Paul has been at Tripwire for 8 years and is the International Services Director. Paul has extensive experience working in both the public and private sectors, has successfully managed large international service teams and has been instrumental in the design and delivery of multi-million dollar enterprise security solutions. He has excellent interpersonal and communications skills, proven management experience and a decisive but calm approach to problem solving. A comprehensive understanding of the security implications and demands associated with sector specific regulatory and legislative compliance, combined with an extensive knowledge of security strategy, operational risk management, governance, service delivery, channel strategy and P&L accounting have all helped Paul successfully build and manage specialist security teams and practices.
Paul Edon has contributed 6 posts to The State of Security.
Tim Erlin is VP of Product Management & Strategy at Tripwire. He previously managed Tripwire’s Vulnerability Management product line, including IP360 and PureCloud. Erlin's background as a Sales Engineer has provided a solid grounding in the realities of the market, allowing him to be an effective leader and product manager across a variety of products. His career in information technology began with project management, customer service, as well as systems and network administration. Erlin is actively involved in the information security community. His contributions include blogging, podcasts, press, speaking and television.
ティム・アーリンは、Tripwire社のセキュリティ/ITリスク戦略 担当ディレクタであり、ソリューションと戦略に携わっています。 以前はIP360、PureCloudを含むTripwireの脆弱性管理製品ラインを管理していました。 彼のバックグラウンドは、市場にマッチした施策を提供するセールスエンジニアであり、様々な製品にわたるプロダクトマネージャも経験しています。 彼の情報テクノロジにおけるキャリアは、プロジェクトマネジメント、カスタマサービス、またシステム/ネットワーク管理に渡ります。 アーリンは情報セキュリティ業界に必要とされており、ブログ、ポッドキャスト、プレス、講演、テレビ出演など様々な活動に貢献しています。
Tim Erlin has contributed 42 posts to The State of Security.
Hudson Harris (@legallevity) is the Chief Privacy Officer and Associate General Counsel for a company encompassing clinical services and software design. He focuses on risk management, compliance, and privacy/security practice creation, management, and consulting. He holds a BA in International Affairs, a Masters of International Business, M.B.A., J.D. and is a licensed attorney in California.
Hudson Harris has contributed 9 posts to The State of Security.
Darlene Hibbs is a Security Researcher and Software Engineer for Tripwire, and is part of the Vulnerability and Exposures Research Team (VERT). Though Darlene only recently completed her collegiate training, she is recognized as an up and coming player in the vulnerability management arena.
ダーリーン・ヒブスは Tripwire のセキュリティ調査エンジニアであり、VERT のメンバーです。ダーリーンはニューブランスウィック・コミュニティカレッジにて電子ゲーム設計課程を修了し、ファンショウカレッジにてコンピュータシステム技術者プログラムを修了しました。ファンショウカレッジでは、OS およびネットワーク管理について学びました。
VERT のメンバーになってからは、主にオラクル製品の調査に取り組み、コンテンツ自動生成および Microsoft SharePoint 用のスクリプトを作成しています。ダーリーンは Tripwire のブログ「The State of Security」の執筆者であり、余暇には読書やストリーミングゲームを楽しんでいます。
Darlene Hibbs has contributed 8 posts to The State of Security.
John has been in the IT industry for over 30 years and brings a wide variety of skills to Tripwire. His experience ranges from Operations, Systems Programming, Infrastructure / Systems Management, ITIL & CMDB and Security, Rick and Compliance as well as Advanced Security Operations. John has a passion for technology and aligning solutions and services that will bring the most value to his respective clients. Some of the organizations that John has worked for in the past include: RSA, Computer Associates, Managed Objects, Configuresoft and a Minnesota Based Integration Partner formerly known as Midwave.
When not solving IT Business Challenges for his client’s, John likes to spend his time in the great outdoors with family and friends. He enjoys playing in the snow on his snowmobile, golfing, fishing hunting and competitive shooting.
John Hunkeapillar has contributed 2 posts to The State of Security.
Brian is the Mid-Enterprise Account Manager covering the Northwest for Tripwire. Brian has worked in IT security for nearly 20 years working with early Anti-Virus and Firewall solutions to today’s advanced threat detection. Before joining Tripwire worked at a variety of software/hardware vendors and a reseller including stints at Symantec and Blue Coat. When Brian is not working at Tripwire on information security, he enjoys hiking, running and rooting on the SF Giants and Portland Trail Blazers.
Brian Jackson has contributed 1 post to The State of Security.
David Jamieson is part of the MidEnterprise account team covering South Central (IA, OK, AR, LA, MS). David’s been with Tripwire since January, 2011. He spent three years covering Department of Defense accounts and one year covering Northern California. He’s now overseeing the “South Central” region.
David Jamieson has contributed 7 posts to The State of Security.
Farhan Jiva is a Security Research Engineer on the Vulnerability and Exposures Research Team (VERT). Prior to Tripwire, Farhan worked at Coalfire doing consulting/penetration testing, Dell SecureWorks as a network security analyst, and worked at UGA doing penetration testing on departmental web applications. Farhan went to school at the University of Georgia for a Bachelor's and Master's degree in Computer Science.
Farhan Jiva has contributed 3 posts to The State of Security.
Irfahn holds a CISSP certification and brings a wide range of expertise in the field of Information Security specializing in Vulnerability Management, Compliance, Risk Identification and Scoring, as well as Social Engineering. He is a recognized leader in building Information Security Solutions and Customer Satisfaction. He has experience providing technical security leadership and guidance to Fortune 500 accounts, as well as smaller companies, in several verticals including financial, energy/commercial, healthcare, and retail. See what he’s thinking on Twitter @TheRealKhimji
Irfahn Khimji has contributed 17 posts to The State of Security.
Bob Loihl is a Software Engineer with 20+ years of experience developing business applications, leading teams and spreading the security word. He has a strong interest in delivering applications that are secure by design in an agile world. He has been helping Tripwire grow and mature its development processes for the last 10 years and his current hobby is incorporating SSDLC (Secure Software Development Life-Cycle) processes into the software manufacturing process. Bob is passionate about family, software, canoes and guitars. In his spare time he works at Tripwire producing high quality software using Agile methodologies. Oh yeah, he cares a tiny bit about security.
Bob Loihl has contributed 21 posts to The State of Security.
David is Chief Research Officer at Tripwire where he is responsible for working with customers, partners, and industry experts to imagine, innovate, and deliver on advancing the state of the art in protecting Tripwire’s customers from the most sophisticated attackers in the world. David previously served as VP/Engineering at Tripwire, joining in 2013 through its acquisition of nCircle where he served as Chief Technology Officer and VP/Engineering. David has been an entrepreneur, leader, software developer, security researcher, and generally obsessed with network security for the last two decades.
David Meltzer has contributed 12 posts to The State of Security.
Chris Morgan leads the Worldwide Renewals team at Tripwire. He joined Tripwire in 2010, and prior to his current role, he managed a sales territory in the U.S. Central Southwest. Chris has 20+ years of experience in sales, account management, customer success, and management, including ~10 years in information security and technology. He has worked with 100’s of customers of all sizes, and in many industries, to help address the security and compliance challenges faced by organizations. Chris earned a Bachelor’s Degree in Psychology, and outside of work he is passionate about family, music, the outdoors, and travel. Also find him @thatchrismorgan.
Chris Morgan has contributed 2 posts to The State of Security.
I am a rounded security professional with extensive security experience gained within enterprises organisations across many sectors, most recently within utilities and service provider environments.
With over 15 years experience in enterprise security technology, policy and process I am able to incorporate people, technology and organisation into my unique approach to solving security challenges.
Having worked in the IT Sector for more than 27 years I am proficient in most enterprise technologies including operating systems, networks, storage, applications and databases.
I am motivated and perceptive individual and enjoy taking on new challenges. I work well under pressure and maintain composure when faced with difficult situations. I am able to gain trust and rapport with stakeholders at all levels.
Paul Norris has contributed 16 posts to The State of Security.
Chris Orr has been employed by Tripwire, Inc. since September 2000. Initially hired to develop and deliver training materials for such golden oldies as Tripwire for Servers and Tripwire for Routers, he quickly moved on into the Systems Engineering group where he has been ever since. His role initially required him to provide technical assistance to regions covering 27 states and all of the Federal government, but as the company has grown His territory has been whittled down to the Pacific Northwest, Western Canada and Western Enterprise (which…when he thinks about it…is still the largest geographic territory in the company…) Currently based out of scenic Lake Stevens, WA, when not flying to such lovely places as Winnipeg or Boise, Chris is teaching his daughter how to play guitar or going on Scouting trips with his son.
クリス・ オアーは、2000 年 9 月に Tripwire, Inc. に入社しました。入社当初は、Tripwire for Servers や Tripwire for Routers などの懐かしい製品のトレーニング資料の開発およびその実施を担当していました。その後まもなく、現在所属するシステムエンジニアリンググループに異動しました。移動後の彼の職務は、27の州をカバーすると共に、すべての政府組織に対し技術支援を提供することでした。しかし、会社が成長すると、彼の担当は太平洋岸北西部、カナダ西部などの北米西部地域の企業に限定されました（それでも社内の担当範囲としては最大です）。
Chris Orr has contributed 44 posts to The State of Security.
Joe Pettit is the Managing Editor at Tripwire. Joe graduated with a degree in Business and Marketing in 2009 and then went on to create and develop the popular IT security blog, Information Security Buzz. From that venture, Joe moved to Tripwire where is continued to aid the development of their award-winning blog, The State of Security. Joe specializes in SEO, Social Media, Lead Generation and implementing new strategies to help develop Tripwire’s online presence.
ジョー・ペティット は Tripwire で編集長の職についています。2009 年にビジネス＆マーケティングの学位を取得し、有名な IT セキュリティ関連ブログの「Information Security Buzz」を立ち上げました。その後 Tripwire に入社し、当社の受賞歴のあるブログ「The State of Security」の開発を支えました。 SEO、ソーシャルメディア、リード創出に精通するジョーは、新たな戦略を導入して Tripwire のオンラインプレゼンスの向上を支援しています。
Joe Pettit has contributed 19 posts to The State of Security.
Ted Rassieur has been in the IT industry for 18 years and worked with Tripwire for 6 years in the Customer Services group. In this time with Tripwire Ted has worked with 100’s of customers to help solve compliance and security challenges. In his current role, Ted is responsible for scoping new services projects as well as solution implementation. These duties require mapping tools, team skills and best practices to customer needs for creating workable solutions. Ted also contributes to advancing Tripwire’s solution for NERC regulated customers. Prior to work in compliance and security, Ted worked in software configuration management.
Ted Rassieur has contributed 3 posts to The State of Security.
Tyler Reguly is a Manager of Software Development with Tripwire, and a key member of VERT (Vulnerability and Exposure Research Team), where he focuses on web application security and vulnerability detection. Tyler is involved in industry initiatives such as CVSS-SIG and WASSEC, and has spoken at many security events, including SecTOR and OWASP Toronto. Additionally, he has contributed to the Computer Systems Technology curriculum at Fanshawe College in London, Ontario by developing and teaching a number of security related courses. Tyler is frequently quoted by security industry press and is a prolific blogger.
タイラー・レグリは、Tripwire社のソフトウェア開発担当マネージャで脆弱性調査チームVERT（Vulnerability and Exposure Research Team）の主要メンバーです。VERTではウェブアプリケーションのセキュリティと脆弱性検知を専門としています。
タイラーはCVSS-SIG やWASSECなどの業界プロジェクトに関わっており、SecTORやOWASP Trontoといった多くのセキュリティイベントで講演をしています。 更にいくつかのセキュリティ関連コースの開発と指導を通じてオンタリオ州ロンドンのファンショー・カレッジでComputer Systems Technologyの教育課程に貢献しています。
Tyler Reguly has contributed 100 posts to The State of Security.
Maritza Santillan is a senior marketing specialist, responsible for corporate communication efforts and social media at Tripwire. She studied at the University of Oregon and earned a B.A. in journalism with an emphasis on public relations and business administration. Maritza enjoys exploring the Northwest, trying new restaurants and cheering on the Ducks!
Maritza Santillan has contributed 449 posts to The State of Security.
Edward Smith has been implementing, supporting, and marketing technology products for over 15 years and is currently Product Marketing Manager for Vulnerability Management solutions at Tripwire. Edward has held various positions as a Systems Engineer, Sales Engineer, Support Manager, and Technical Trainer for companies like Dell, Adobe, and Gateway. Outside of work Edward enjoys snowboarding, camping, and karaoke - and has been thinking about combining the three into an extreme sport!
Edward Smith has contributed 23 posts to The State of Security.
Travis Smith is a Principal Security Researcher at Tripwire. He has over 10 years experience in security, holds an MBA with a concentration in information security, and multiple certifications including CISSP, GIAC and GPEN. Travis specializes in integrating various technologies and processes, with a passion for forensics and security analytics with the goal of helping customers identify and mitigate real threats.
トラヴィス・スミス は、Tripwire のシニアセキュリティリサーチエンジニアです。 セキュリティに関する 10 年以上の経験を持つ トラヴィスは、情報セキュリティ分野の MBA を取得し、CISSP、GIAC、および GPEN の資格を保持しています。
Travis Smith has contributed 24 posts to The State of Security.
Jay Thakkar works with Professional Services Team providing consistent and valuable services to clients. At Tripwire, he enjoys discussing with customers on Information Security, Risk Identification and Vulnerability Management solutions to help protect their critical environment. Jay Thakkar holds BS in Management Information Systems from University of Illinois at Chicago and currently resides in the United States with his family. Feel free to reach out to him for ideas, questions, or comments.
Jay Thakkar has contributed 2 posts to The State of Security.
Lane Thames is a senior security researcher with Tripwire’s Vulnerability and Exposure Research Team (VERT). As a member of VERT, Lane develops software that detects applications, devices, and operating systems along with vulnerability detection and management software. He also spends time looking for new vulnerabilities, contributing to the Tripwire State of Security blog, and understanding emerging cybersecurity threats. Lane received his PhD in Electrical and Computer Engineering from the Georgia Institute of Technology and has spent over 15 years working in information technology and software/hardware development.
レーン・テムズは、ソフトウェア開発エンジニアであり、Tripwire の Vulnerability and Exposure Research Team（VERT）と呼ばれる脆弱性調査チームのセキュリティ調査員です。 レーンはVERT のメンバーとして、アプリケーション、デバイス、OS を検知するソフトウェア、および脆弱性の検知と管理を行うソフトウェアを開発しています。また、新しい脆弱性の発見や、Tripwire のブログ「The State of Security」の執筆、サイバーセキュリティ上の新出の脅威の調査を担当しています。
レーンはジョージア工科大学で電気工学、コンピューター工学の博士号を取得し、情報テクノロジーおよびソフトウェア/ハードウェア開発に 10 年以上携わりました。
Lane Thames has contributed 18 posts to The State of Security.
I've had a well rounded technical life. It all started with building an electric motor from scratch with my Dad. That led to a college degree in Electrical Engineering, and then my first true technology job working at IBM's Almaden Research Center. Then it was on to "real jobs" such as an instructor writing system administration manuals and teaching classes from them in far flung places like Tokyo, testing and developing internet advertising systems, building highly concurrent distributed key-value data storage and finally landing here at Tripwire where as a System Architect I enable teams to design and build security systems that make the online world a safer place.
Mitch Thomas has contributed 7 posts to The State of Security.
As the Director of Corporate Communications, I lead our community engagement, social media, analyst relations, customer advocacy, competitive intelligence and speaking opportunities (yeah, and many more unofficial duties). A Product Marketer at heart, I live by the NIHITO (nothing interesting happens in the office) motto. I crave engagement with all of you and are in a continuous quest to learn from others. I enjoy traveling, reading and experiencing different cultures. It's a privilege to work with the energetic, collaborative and fantastic team at Tripwire. Together we develop, market and sell kick-ass products for your enjoyment.
Cindy Valladares has contributed 146 posts to The State of Security.
Visiting Professor at the School of Science & Technology - Nottingham Trent University [NTU], Visiting Professor/Lecturer at the University of Slavonia [to 2015], Registered Expert Witness, Certified Forensics Investigator Practitioner [CFIP], CEO of HEXFORENSICS LTD, Academic Practitioner & Accredited Advisor to the Chartered Society of Forensic Sciences in the area of Digital/Cyber Forensics, ENISA CEI Listed Expert, Editorial Member of the Cyber Security Research Institute [CRSI], Writer for Digital Forensics, Trainer at Meirc Training & Consulting [UAE/Dubai], Fellow of the Royal Society of the Arts [RSA], & Board Advisor to the Digital Trust.
John Walker has contributed 31 posts to The State of Security.
Brad works in Tripwire's R&D organization with the performance and automation team. Prior to joining Tripwire, Brad worked at Yahoo! on the service engineering and operations team for Yahoo! Small Business and e-commerce platform. Brad's years of experience dealing with the kinds of abuse and fraud typically associated with web hosting platforms has instilled in him an enthusiasm for information security that still occupies most of his free time.
Brad Winckler has contributed 4 posts to The State of Security.
James Wright is a U.S. Air Force veteran with over 15 years of cybersecurity experience in both the public and private sectors. As a Tripwire employee, he enjoys serving customer needs by consulting on a broad range of security and vulnerability management solutions to protect critical infrastructure, servers, and endpoints. James is a security researcher, credited with vulnerability discoveries in many commercial software security applications. As an active member of professional organizations including ISACA, ISSA, ACP, and the FBI’s InfraGard program, James believes that combining practical experience with community participation can enhance services for both customers and the public. He holds a Bachelor of Arts degree in Information Technology from the University of Denver and is currently pursuing a Master of Science degree in Information Systems Security at the same institution. James holds the GIAC Certified Incident Handler, GIAC Information Security Professional, (ISC)² Systems Security Certified Practitioner, AXELOS ITIL Foundation Service Management, and BRCCI Certified Business Resilience Manager credentials. Feel free to reach out to him with ideas, questions or comments.
James Wright has contributed 5 posts to The State of Security.
Craig Young is a computer security researcher with Tripwire's Vulnerability and Exposures Research Team (VERT). He has identified and responsibly disclosed dozens of vulnerabilities in products from Google, Amazon, IBM, NETGEAR, Adobe, HP, Apple, and others. His research has resulted in numerous CVE assignments and repeated recognition in the Google Application Security Hall of Fame. Craig's presentations on Google authentication weaknesses have led to considerable security improvements for all Google users. Craig won in track 0 and track 1 of the first ever SOHOpelessly Broken contest at DEF CON 22 by demonstrating 10 0-day flaws in SOHO wireless routers. His research into iOS WiFi problems more recently exposed CVE-2015-3728 that could allow devices to inadvertently connect to malicious hot spots. Craig has more recently turned his attention to a different part of the wireless spectrum with research into home automation products as well as RFID/NFC technology.
クレイグ・ヤングは、Tripwire社の脆弱性調査チームVERT（Vulnerability and Exposure Research Team）のコンピュータセキュリティ研究者です。
クレイグによるGoogle 認証の脆弱性についてのプレゼンテーションは全てのGoogleユーザのセキュリティを大幅に向上させました。 クレイグは史上初のDEFCON22 のSOHOpelessly Brokenコンテストにおいてトラック0とトラック1で優勝し、SOHO無線ルータの10個のゼロデイ脆弱性を実証しました。
Craig Young has contributed 54 posts to The State of Security.