Gary McGraw

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Gary McGraw is an American computer scientist, author, and researcher.

Gary McGraw
Alma materPhD, Cognitive Science and Computer Science - Indiana University B.A. Philosophy - University of Virginia
TitleVice President of Security Technology at Synopsys, Inc.


McGraw holds a dual PhD in Cognitive Science and Computer Science from Indiana University and a BA in Philosophy from the University of Virginia.[1] His doctoral dissertation is titled "Letter Spirit: Emergent High-Level Perception of Letters Using Fluid Concepts."[2]


McGraw was the Vice President of Security Technology at Synopsys.[3] Before Cigital was acquired by Synopsys, he was Chief Technical Officer at Cigital.[4] He produced the Silver Bullet Security Podcast for IEEE Security & Privacy magazine (syndicated by informIT). [5] Gary McGraw serves on the Dean's Advisory Council for the School of Informatics of Indiana University. He also serves on the advisory boards of several companies,[6] including Dasient (acquired by Twitter), Fortify Software (acquired by Hewlett-Packard), Max Financial, Invotas, Wall+Main, Invincea (acquired by Sophos), and Raven White. In the past, Gary McGraw has served on the IEEE Computer Society Board of Governors.[citation needed]


Gary is an author of many books and over 100 peer-reviewed publications on IT security.

  • Software Security: Building Security In, ISBN 978-0-321-35670-3
  • Exploiting Software: How to Break Code (with Greg Hoglund), ISBN 978-0-201-78695-8
  • Building Secure Software: How to Avoid Security Problems the Right Way (with John Viega), ISBN 978-0-321-77495-8
  • Java Security (with Edward Felten), ISBN 978-0-471-17842-2
  • Exploiting Online Games: Cheating Massively Distributed Systems (with Greg Hoglund), ISBN 978-0-13-227191-2
  • Software Security Engineering: A Guide for Project Managers (with Julia H. Allen, Sean J. Barnum, Robert J. Ellison, and Nancy R. Mead) ISBN 978-0-321-50917-8
  • Software Fault Injection (with Jeffrey M. Voas) ISBN 978-0-471-18381-5
  • Securing Java: Getting Down to Business with Mobile Code (with Edward Felten), ISBN 978-0-471-31952-8


  1. ^ "The University of Virginia". Retrieved 2015-10-02.
  2. ^ McGraw, Gary (1995). "Indiana University, Bloomington IN". Indiana University. The Center for Research on Concepts and Cognition. Archived from the original on 10 September 2015. Retrieved 2 October 2015.
  3. ^ "Software Security Expert Opinion | Gary McGraw". Retrieved December 21, 2017.
  4. ^ Mills, Elinor (2010-05-12). "Gary McGraw on developing secure software (Q&A)". CNet.
  5. ^ McGraw, Gary; Migues, Sammy (2010-12-29). "Driving Efficiency and Effectiveness in Software Security". InformIT.
  6. ^ "Business". Retrieved 2015-10-02.


External links[edit]