Milton Smith
Milton Smith | |
|---|---|
| Other name | @spoofzu |
| Citizenship | American |
| Known for | Computer security |
| Scientific career | |
| Fields | Computer security |
| Institutions | Oracle Yahoo |
Milton Smith is an American computer security application developer, researcher, and writer. Smith is best known for his role leading Java platform security at Oracle during a period of high-profile security incidents in the fall of 2012. Due to the climate around Java security, in 2013 Smith was invited to present [1] by Black Hat leadership in a closed session under Non-Disclosure Agreement to top industry leaders. In the same year Smith established the first ever[2] full security track at a software developers conference, JavaOne, Oracle's premier conference for Java software developers in San Francisco, California(USA).
Organizations
Oracle
Smith continues as a principal security analyst at Oracle working strategically across company business units. Smith is an active collaborator in industry developing open source security tools for researchers as well as participating in security conference events and organizing them.[3][4] During this period Smith was Chief Technical Editor on an application security book project[5] with colleges.
Yahoo
Prior to Oracle around June 2011, Smith was leading security for the User Data Analytics(UDA) business unit at Yahoo and developed innovative security controls to secure Yahoo's click stream revenues. Smith also lead Yahoo's Enterprise Security Triage Program for monitoring enterprise vulnerabilities and tracking remediation activities.
Open Web Application Security Project (OWASP)
OWASP is one of the largest non-profit organizations of security practitioners in the world. On March 12, 2015 Smith developed DeepViolet a TLS/SSL scanning API researchers use to extend TLS/SSL scanning to their own projects. Today DeepViolet is an OWASP Incubator project. Smith is also a leader on the OWASP Security Logging API Project, an open source project extending important security features to applications that use popular logging platforms like log4j and logback.
Citations, publications, and articles
- ^ "ORACLE: ON JAVA SECURITY". www.blackhat.com. Retrieved January 17, 2017.
- ^ "JavaOne 2014 USA, Security Track Amazeballs! – securitycurmudgeon.com". www.securitycurmudgeon.com. Retrieved November 12, 2016.
- ^ "About the Sessions « All Day DevOps". www.alldaydevops.com. Retrieved November 12, 2016.
- ^ "AppSecUSA 2015 Contact the Organizers". appsecusa.org.
- ^ Manico, Jim; Detlefsen, August (September 9, 2014). Iron-Clad Java: Building Secure Web Applications (1 ed.). McGraw-Hill Education. ISBN 9780071835886.
External links
- Security Blog, securitycurmudgeon.com
Content Disclaimer
Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.
- The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
- There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
- It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
- Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
- Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.