To stay at the forefront of innovation and security, we created a Technical Advisory Board (TAB) for our secure virtual web browser, Passages. Composed of a distinguished group of cybersecurity experts and visionaries, the TAB will aggressively challenge the Passages development team and drive security and functionality improvements, while helping to ensure Passages remains user friendly and aligns with today’s modern business practices. We are pleased to introduce our TAB members below.

Gary McGraw, PH.D. (Chairman)

Chief Technology Officer, Cigital

Gary McGraw is the Chief Technology Officer of Cigital, where he is responsible for technology transfer, services outreach, and corporate strategy. As part of his position, Gary is a trusted advisor of many Cigital customers at the highest levels. Gary is also an advisor for several companies, including Maxmyinterest, Codiscope, and Ravenwhite Security.

Gary helped spearhead the field of software security. He got into the field by questioning why Java encountered so many issues in the 1990’s. In 2000, Gary wrote Building Secure Software with John Viega, which was the first software security book in the world. Gary has written 12 books, and is the bestselling author of Software Security.

Gary is also a philanthropist associated with the Blue Ridge Area Food Bank, Kiva, Where’s Aubrey, and The Leukemia & Lymphoma Society. In addition to being an accomplished musician, featured in two bands, Gary enjoys travel, collecting art, and spending time on his “pretend” farm in Clarke County, VA.

Yanek Korff

Principal, Korff Consulting

Yanek Korff is an information security and operations executive with experience in threat detection and response, security operations, development, and infrastructure management. He has supported and led businesses (and more importantly, people) through periods of economic decline and in high growth environments. He has established and grown the world’s most effective threat detection and response capability available commercially.

Through Korff Consulting, Yanek provides strategic consultative and advisory services to companies in the information security space or considering entering the space. He also supports market research through organizations like Gerson Lehrman Group (GLG) and AlphaSights.

Before Korff Consulting, Yanek was the VP & CTO of FireEye as a Service. He also held the position of VP Managed Defense of Mandiant for 5 years. As VP, Yanek established, grew, and managed a services line of business, which provided advanced threat focused host- and network-based detection, and response services to clients in the U.S. Government and Global 1000.

Marcus J. Ranum

Senior Strategist, Tenable Network Security

Marcus J. Ranum is a world-renowned expert on security system design and implementation. He is recognized as an early innovator in firewall technology, and the implementer of the first commercial firewall product.

Since the late 1980's, he has designed a number of groundbreaking security products including the DEC SEAL, the TIS firewall toolkit, the Gauntlet firewall, and NFR's Network Flight Recorder intrusion detection system. He has been involved in every level of operations of a security product business, from developer, to founder and CEO of NFR. Marcus has served as a consultant to many FORTUNE 500 firms and national governments, as well as serving as a guest lecturer and instructor at numerous high-tech conferences.

In 2001, he was awarded the TISC “Clue” award for service to the security community, and the ISSA Lifetime Achievement Award. Marcus is Chief Of Security for Tenable Network Security, where he is responsible for research in open source logging tools and product training. He serves as a technology advisor to a number of start-ups, established concerns, and venture capital groups.

Fred B. Schneider

Chairman of the Department of Computer Science, Cornell

Fred B. Schneider is the Samuel B. Eckert Professor of Computer Science at Cornell University and chair of the department. He joined Cornell's faculty in Fall 1978, having completed a Ph.D. at Stony Brook University and a B.S. in Engineering at Cornell in 1975.

Schneider was elected Fellow of the American Association for the Advancement of Science (1992), the Association of Computing Machinery (1995), and the Institute of Electrical and Electronics Engineers (2008). He was named Professor-at-Large at the University of Tromso (Norway) in 1996 and was awarded a Doctor of Science honoris causa by the University of Newcastle-upon-Tyne in 2003 for his work in computer dependability and security.

Schneider is a frequent consultant to industry, believing this to be an efficient method of technology transfer and a good way to learn about the real problems. He provides technical expertise in fault-tolerance and computer security to a variety of other firms, including Intel, Lincoln Laboratories, and Riskive. In addition, Schneider has testified about cybersecurity research at hearings of the U.S. House of Representatives Armed Services Committee (subcommittee on Terrorism, Unconventional Threats, and Capabilities), as well as the Committee on Science and Technology (subcommittee on Technology and Innovation and subcommittee on Research and Science Education).

Adam Shostack

President, Shostack & Associates

Adam Shostack is an entrepreneur, technologist, author, and game designer, focused on improving security outcomes for his customers and the industry as a whole. To solve these problems, he creates a wide variety of companies and organizations, software, new analytic frameworks, as well as books, games, and other forms of communication. He has built these at small startups and at Microsoft.

In his time at Microsoft, Adam focused on human factors in security, including usable security and measuring how customers' computers are compromised. He also worked on threat modeling tools and techniques, and has shipped two tools (one software, one a card game) to help software engineers analyze their software designs for security flaws. In that role, Adam was a key driver for Microsoft's Software Development Lifecycle.

Before Microsoft, he was a leader in three successful startups. He also helped drive the CVE project, launch the International Financial Cryptography Association, and the Privacy Enhancing Technologies Symposium.

John L. Manferdelli

Practice Professor of Computer Science and Executive Director, Northeastern Institute for Cybersecurity and Privacy

Before working at Northeastern, John was Engineering Director for Production Security at Google. Prior to that, he was the Co-Director of the Intel Science and Technology Center at UC, Berkeley. John spent seventeen years at Microsoft Corporation as a distinguished engineer, managing Windows Security and a security research group, and also served as Director of Innovation. He founded and was CEO of Natural Language Incorporated, which was sold to Microsoft in 1995. Prior to that, he was a Principal Researcher at Bell Telephone Laboratories, a mathematician at Lawrence Livermore Laboratory, and was a member of the technical staff at TRW Corporation. John also taught computer science at Stevens Institute of Technology, University of Washington, and University of California, Berkeley.

John completed a Ph.D. in Mathematics from University of California at Berkeley and a B.S. in Physics from Cooper Union. John has served on several government advisory boards. His hobbies mirror his technical career and include combinatorial mathematics, astronomy, and electronics. John is also a licensed radio amateur.