How Sarbanes-Oxley changed the information security profession


This article can also be found in the Premium Editorial Download "Information Security magazine: Reflections on the impact of Sarbanes-Oxley."



Researchers to Watch

Shaping the next 10 years of information security

Dino Dai Zovi
Dino Dai Zovi dares hack where few bother: the Mac OS X platform. The former @stake and Matasano Security researcher is known for his Vitriol rootkit that targets the Mac OS X kernel, as well as KARMA, the wireless security assessment software.

Joanna Rutkowska
Joanna Rutkowska has been the star of a couple of Black Hat Briefings with her virtual rootkit presentations, in particular the Blue Pill rootkit, which she claims is undetectable even on 64-bit Vista systems. This year, Rutkowska demonstrated it was possible to defeat hardware-based memory acquisition.

Billy Hoffman
HP's acquisition of SPI Dynamics netted it one of the brightest Web application hackers in the business. Billy Hoffman is front and center with his research on Java and browser security, and his Jikto tool, which exploits cross-site scripting holes, opened plenty of eyes this year. Hoffman got an early start on hacking; while at Georgia Tech, he developed a tool that analyzes data on magnetic strips.

Nate Lawson
Nate Lawson's current research on embedding security into devices figures to have long-standing impact on information security. Lawson, who way back helped design the RealSecure IDS, has designed the B+ DRM scheme that was adopted for inclusion in Blu-ray disks.

Adrian Perrig
Adrian Perrig is one of the brightest researchers at Carnegie Mellon University's CyLab. An assistant professor of electrical and computer engineering, Perrig is working to embed security into a redesigned Internet. He's also part of a team that developed an antiphishing tool called Phoolproof Phishing that leverages a mobile device to authenticate users and servers.

David Maynor/Robert Graham
Two ISS veterans, David Maynor and Robert Graham, run consultancy Errata Security, but like Dai Zovi, spend their spare time keeping vendors honest. Maynor's infamous MacBook Wi-Fi hack demonstration at Black Hat two years ago blazed the trail; Graham followed this year with a presentation of a tool that hijacks user sessions on Web-based mail programs and social networking sites.


This was first published in January 2008
