Mike Schiffman has over 20 years of experience in high-tech, most of which have been spent in computer security. He has worked in several different areas including research and development, consulting, writing and training.
Mike's primary areas of expertise lie in network security, research and development, protocol analysis and tool development. He is the co-author of such network security tools as firewalk, as well as the low-level packet shaping library libnet. In previous roles, Mike led consulting engagements for Fortune 500 companies in many vertical markets, including critical infrastructure, financial, automotive, manufacturing, and software.
As a sought-after speaker, Mike has presented to industry professionals at conferences such as The Blackhat Briefings, the RSA conference, and CanSecWest as well as to government agencies including the NSA, CIA, DOD, FBI, NASA, AFWIC, SAIC, and Army Intelligence. Mike has authored several books on computer security, including Building Open Source Network Security Tools (Wiley & Sons), a how-to book on rolling your own network security tools, as well as the Hacker's Challenge book series (Osborne McGraw-Hill), a line of books on computer security forensics and incident response. He also co-authored and contributed to several other books, including Hacking Exposed (Osborne McGraw-Hill) and Hack Proofing Your Network: Internet Tradecraft (Syngress Media Inc.).
Mike has written for numerous technical journals and authored many white papers and blogs on topics such as UNIX kernel enhancements, TCP protocol deficiencies, NetFlow security, and novel security tooling. Mike serves on the technical advisory boards of Qualys, Inc and Pokertrip Enterprises.
Additionally, Mike has been very active in vendor-agnostic industry committees; he chaired the Common Vulnerability Scoring System (CVSS) working group under the auspices of the National Infrastructure Advisory Council (NIAC), and is currently the chair of the Common Vulnerability Reporting Format (CVRF) working group for the Internet Consortium for Advancement of Security on the Internet (ICASI).
Currently, Mike holds an applied research role at Cisco Systems. Prior to that Mike has held senior roles at the following companies: @stake, Guardent, ISS, and Cambridge Technology Partners. Mike has a CISSP certification and is interested in real-world applications of game theory.