Mike Schiffman has over 16 years of experience in high-tech, most of which have been spent in computer security. He has worked in several different areas including research and development, consulting, writing and training.
Mike's primary areas of expertise lie in network security, research and development, protocol analysis and tool development. He is the co-author of such network security tools as firewalk, as well as the ubiquitously used low-level packet shaping library libnet. In previous roles, Mike led consulting engagements for Fortune 500 companies in many vertical markets, including critical infrastructure, financial, automotive, manufacturing, and software.
As a sought-after speaker, Mike has presented to industry professionals at conferences such as The Blackhat Briefings, the RSA conference, and CanSecWest as well as to government agencies including the NSA, CIA, DOD, FBI, NASA, AFWIC, SAIC, and Army Intelligence. Mike has authored several books on computer security, including Building Open Source Network Security Tools (Wiley & Sons), a how-to book on rolling your own network security tools, as well as the Hacker's Challenge book series (Osborne McGraw-Hill), a line of books on computer security forensics and incident response. He also co-authored and contributed to several other books, including Hacking Exposed (Osborne McGraw-Hill) and Hack Proofing Your Network: Internet Tradecraft (Syngress Media Inc.).
Mike has written for numerous technical journals and authored many white papers on topics ranging from UNIX kernel enhancements to network protocol deficiencies. Mike is currently trying to finish his fourth book, Modern Network Infrastructure Security (Addison Wesley). Mike serves on the advisory boards of Qualys, IMG Universal, Vigilant, and Sensory Networks.
Additionally, Mike has been very active in vendor-agnostic industry committees; recently he chaired the Common Vulnerability Scoring System (CVSS) working group under the auspices of the National Infrastructure Advisory Council (NIAC), and is currently chairing the Common Vulnerability Reporting Format (CVRF) working group for the Internet Consortium for Advancement of Security on the Internet (ICASI).
Currently, Mike holds a research role at Cisco Systems. Prior to that Mike has held senior roles at the following companies: @stake, Guardent, ISS, and Cambridge Technology Partners. Mike has a CISSP certification and is interested in real-world applications of game theory.