━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
ENTERPRISE SECURITY ARCHITECT · ENGINEERING
LEADER · COMPUTER SCIENTIST
Diego Zamboni
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
1 Key skills
════════════
Leadership
29 years of multidisciplinary team and project leadership
experience; IT Enterprise Architecture; [Scaled Agile Framework]
(SAFe) Architect and Product Owner.
Computer Security
Enterprise security architecture; virtualization and cloud
computing security; risk management and compliance; intrusion
detection and prevention; operating systems and network
security; software security and secure software development;
[CISSP] certification.
Communications
Excellent written and spoken communication skills, extensive
public speaking, writing and teaching experience.
Systems and Development
Unix/Linux systems engineering and administration, system health
management and monitoring, cloud platforms, software
development, configuration management.
Research
Ph.D. in Computer Science, 9 years of experience at IBM
Research.
2 Professional highlights
═════════════════════════
• 18 years of experience in education and research, 11 years of
industry experience.
• Management and leadership, IT security, cloud computing
⁃ Manage security architecture, risk management, data governance and
compliance (ISO27001, ISAE3402/3000, etc.) for [Swisscom’s Cloud
platforms].
⁃ Established and lead the Swisscom IT Clouds security community of
practice.
⁃ Established and led the /Health and State Management/ team at
Swisscom to design, implement and operate a framework for scalable
monitoring, logging and alerting for Swisscom’s Cloud platforms.
⁃ Established and led the first computer security organization at
UNAM, which has grown into the university’s [Information Security
Coordination (UNAM-CERT)].
⁃ Managed IT security customer relationships at HP Enterprise
Services, including overseeing the activities of operational and
engineering teams, risk and compliance management, requirements
discussion and reporting.
⁃ Managed the CFEngine language product roadmap.
• Research, architecture and design
⁃ Designed the /Orchard/ monitoring framework for Swisscom’s
/Application Cloud/ platform, and led the team that implemented it
and brought it into production.
⁃ Designed and implemented the /Billy Goat/ malware capture and
analysis system at IBM.
• Communications and community
⁃ Author of multiple books including [/Learning CFEngine/],
[/Learning Hammerspoon/] and [/Literate Configuration/].
⁃ [Program chair and program committee member for multiple
conferences] including the RAID symposium, DIMVA conference, the
/Computer Security Day/ and /Computer Security/ conference at
UNAM, and others.
⁃ Member of the Editorial Board of the Computers & Security Journal.
[Program chair and program committee member for multiple conferences]
See section 11
3 Experience
════════════
Swisscom
────────
LOCATION: Switzerland
FROM: 2015
Enterprise Architect and IT Clouds Solution Security Architect
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2019-04-01>
• As an /Enterprise Architect/, I participate in the design of future
products and solutions offered by Swisscom, in collaboration with
architects from all other divisions of the company.
• As /Solution Security Architect for [Swisscom’s Cloud Platforms]/
—which include /Enterprise Service Cloud/, /Enterprise Application
Cloud/, /Dynamic Computing Services/, /Enterprise Cloud for SAP
Applications/ and related services— I am responsible for the
security, compliance and data governance of those services. I
define, prioritize and drive relevant product features and business
goals. I also lead the IT Clouds Security Community of Practice and
advise engineering teams on compliance, governance and operational
activities.
• Selected achievements and activities:
⁃ Ensure cloud platform and service compliance with internal,
contractual and regulatory standards, including ISO27001,
ISAE3402/3000 and GDPR.
⁃ Established and currently lead a community of around 30 /Security
Champions/ from different teams, who drive security initiatives
and promote the security culture within the Swisscom IT Clouds
organization.
⁃ Coordinate threat modeling, audits, penetration tests and
security compliance reporting.
⁃ Coordinate organization- and team-wide processes for risk and
vulnerability management.
⁃ Development of the Swisscom /Platforms/ vision for 2025.
Team Lead & Product Owner for Health & State Management
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2016-03-01>
TO: <2019-04-01>
• I built and led a team which evolved on par with Swisscom cloud
platforms to provide their monitoring and logging capabilities. My
responsibilities included people management (up to 16 people),
definition and prioritization of requirements and roadmaps (in
collaboration with Product Managers and other stakeholders),
technical architecture, and managing the planning and execution of
team activities.
• Selected achievements:
⁃ Led the transition of the /Enterprise Cloud/ LEMM (Logging, Event
Management and Monitoring) and Access & Inventory frameworks into
maintenance mode as the platform was retired.
⁃ Defined the scope and mission of the Health and State Management
(HSM) team as part of the new [/Enterprise Service Cloud/]
project, and later of other platforms as the /IT Clouds/ scope
expanded to [/Application Cloud/], [/Enterprise Cloud for SAP
Solutions/] and [/Dynamic Computing Services/].
⁃ Defined the logging and monitoring architecture for the
/Enterprise Service Cloud/ platform based on VMware vRealize
Operations and vRealize Log Insight.
⁃ Led the transition of the /Application Cloud/ platform monitoring
from the Orchard framework to a TICK-based framework.
⁃ Defined architecture and oversaw implementation of the Customer
Log Forwarding service.
⁃ Managed business relationship and technical implementation of
OpsGenie for alert management in IT Clouds.
• Main technologies involved: VMware vSphere (ESX, vCenter, NSX),
VMware vRealize Operations Manager and Log Insight, Ansible
(configuration management), OpsGenie (alert management).
Cloud Architect and Orchard Project Lead
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
EMPLOYER: Swisscom
LOCATION: Switzerland
FROM: <2015-08-01>
TO: <2016-03-01>
• Managed a team of three people and led the /Orchard/ project through
its implementation, production release and further improvements and
development.
Swisscom Cloud Lab
──────────────────
LOCATION: U.S.A. (remote)
FROM: 2014
TO: 2015
Senior Platform Architect
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2014-08-01>
TO: <2015-07-31>
• Designed the architecture and implemented the initial prototype for
the /Orchard/ health-management and self-healing framework for
Swisscom’s /Application Cloud/ Platform-as-a-Service service.
• Main technologies involved: OpenStack (cloud computing
infrastructure), Cloud Foundry (application platform), Consul
(health management and service discovery), RabbitMQ (message bus),
Riemann (event analysis).
CFEngine AS
───────────
LOCATION: Norway/U.S.A. (remote)
FROM: 2011
TO: 2014
Product Manager
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2013-08-01>
TO: <2014-06-30>
• Managed the CFEngine language roadmap.
• Coordinated the [CFEngine Design Center] project.
• Coordinated the work on CFEngine third-party integration (e.g. AWS
EC2, VMware, Docker and OpenStack).
• Developed code for both the Design Center core and its integrations.
Senior Security Advisor
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2011-10-01>
TO: <2014-06-30>
• CFEngine Advocate, with a special focus on security.
• Wrote the book [/Learning CFEngine 3/], published by O’Reilly Media,
which became the de facto introductory text to CFEngine.
• Gave talks, wrote articles and blog posts, taught classes, and in
general spread the word about CFEngine.
• Developed and implemented the strategy for CFEngine as a security
component.
Boundless Innovation and Technology
───────────────────────────────────
LOCATION: Mexico
FROM: 2012
TO: 2014
Cofounder, Head of Research and Training
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2012-07-01>
TO: <2014-07-31>
• I advised and coordinated teams working on teaching- and
security-related products, consulting and services.
HP Enterprise Services
──────────────────────
LOCATION: Mexico
FROM: 2009
TO: 2011
Account Security Officer
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2010-10-01>
TO: <2011-10-01>
• Acted as first point of contact for all security-related issues for
five HP enterprise customers in Mexico.
• Initiated, advised and managed security-related projects.
• Handled communication and coordination between technical teams
involved in security initiatives.
• Involved in all security-related decisions at the sales, design,
implementation, delivery and ongoing maintenance stages of IT
Outsourcing projects.
IT Outsourcing Service Delivery Consultant
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2009-11-01>
TO: <2010-10-01>
• Helped multidisciplinary customer teams (software engineering, IT
management, networking, sales and support) by solving complex
problems in customer environments.
• Performed analysis, design and implementation of solutions in
multiple areas of expertise, including system automation,
configuration management, system administration, system design,
virtualization, performance and security.
IBM Zurich Research Lab
───────────────────────
LOCATION: Switzerland
FROM: 2001
TO: 2009
Research Staff Member
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <2001-10-01>
TO: <2009-10-01>
• I was a member of the [/Global Security Analysis Laboratory/]
(GSAL), where I worked in intrusion detection, malware detection and
containment, and virtualization security research projects.
• See [/Research/] for details of my research.
[/Research/] See section 7
Sun Microsystems
────────────────
LOCATION: U.S.A.
FROM: 1997
TO: 1997
Developer (Intern)
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <1997-05-01>
TO: <1997-08-01>
• Developer for the /Bruce/ host vulnerability scanner, later released
as the [Sun Enterprise Network Security Service] (SENSS).
• Designed and implemented the first version of the network-based
components of /Bruce/, which allowed it to operate on several hosts
in a network, controlled from a central location.
National Autonomous University of Mexico (UNAM)
───────────────────────────────────────────────
LOCATION: Mexico
FROM: 1991
TO: 1996
Head of [Computer Security Area]
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <1995-08-01>
TO: <1996-08-01>
• Founded UNAM’s /Computer Security Area/, the University’s first team
dedicated to computer security, which has evolved into the
[/Information Security Coordination (UNAM-CERT)/].
• Managed up to nine people working on different projects related to
computer security.
• Managed security monitoring for a Cray supercomputer and 22 Unix
workstations.
• Provided security services to the whole University, including
incident response, security information, auditing and teaching.
• Established the celebration of the /International Computer Security
Day/ (sponsored by the Association for Computing Machinery) at UNAM.
Acted as the main organizer of the event for two years (1994 and
1995). This event has grown and evolved into the [/Computer Security
Day/] and the [/Computer Security Congress/].
• Designed and headed development of an audit-analysis tool for Unix
systems (SAINT) \cite{zamboni96:saint}.
System Administrator
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: <1991-11-01>
TO: <1995-08-01>
• System administrator at UNAM’s Supercomputing Center, managing a
[Cray Y-MP Supercomputer] and related systems.
• Managed the Network Queuing Subsystem (NQS).
• Managed and provided support for 22 Unix workstations.
• Monitored the security of the Cray supercomputer and related
workstations.
• Other responsibilities: user administration, operating system
installation, resource management, security policies.
4 Education
═══════════
Ph.D. in Computer Science
─────────────────────────
LOCATION: West Lafayette, IN, U.S.A.
SCHOOL: Purdue University
FROM: <1996-08-01>
TO: <2001-08-01>
• Thesis title: [/Using Internal Sensors for Computer Intrusion
Detection/].
• Advisor: [Eugene H. Spafford].
M.S. in Computer Science
────────────────────────
LOCATION: West Lafayette, IN, U.S.A.
SCHOOL: Purdue University
FROM: <1996-08-01>
TO: <1998-05-01>
• Advisor: [Eugene H. Spafford].
Bachelor’s degree in Computer Engineering
─────────────────────────────────────────
LOCATION: Mexico City, Mexico
SCHOOL: National Autonomous University of Mexico (UNAM)
FROM: <1989-08-01>
TO: <1995-07-01>
• Thesis title: [UNAM/Cray Project for Security in the Unix Operating
System] (in Spanish, original title: /Proyecto UNAM/Cray de
Seguridad en el Sistema Operativo Unix/).
5 Languages
═══════════
Spanish
native
English
full professional proficiency
German
basic proficiency (B1 level)
6 Certifications
════════════════
[Certified Information Systems Security Professional (CISSP)]
─────────────────────────────────────────────────────────────
ORGANIZATION: (ISC)², the International Information System Security Certification Consortium
DATE: April 2019
The vendor-neutral CISSP credential confirms technical knowledge and
experience to design, engineer, implement, and manage the overall
security posture of an organization. Required by the world’s most
security-conscious organizations, CISSP is the gold-standard
information security certification that assures information security
leaders possess the breadth and depth of knowledge to establish
holistic security programs that protect against threats in an
increasingly complex cyber world.
[SAFe® 4 Certified Product Owner/Product Manager]
─────────────────────────────────────────────────
ORGANIZATION: Scaled Agile Inc.
DATE: July 2017 (not renewed)
A SAFe® 4 Certified Product Owner/Product Manager is a SAFe
professional who works with customers and development organizations to
identify and write requirements. Key areas of competency include
identifying customer needs, writing epics, capabilities, features,
stories, and prioritizing work in order to effectively deliver value
to the enterprise.
7 Research
══════════
(see [“Publications”] for publication reference details)
[“Publications”] See section 14
Selected research projects at IBM
─────────────────────────────────
[Phantom]
╌╌╌╌╌╌╌╌╌
FROM: 2008
TO: 2009
• Security for VMware virtual environments using virtual machine
introspection (based on the [VMware VMsafe API]) to provide
intrusion detection and prevention capabilities.
• Publications: \cite{Christodorescu:2009:CSV:1655008.1655022}.
[Billy Goat: Active worm detection and capture]
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: 2002
TO: 2008
• Billy Goat was the first instance of what is today called
/honeypots/ and /honeynets/.
⁃ An active worm-detection system, widely deployed (at the time) in
the IBM worldwide internal network. It listens for connections to
unused IP address ranges and actively responds to those
connections to accurately detect worm-infected machines, and in
many cases capture the worms themselves. Billy Goat is engineered
for distributed deployment, with each device containing standalone
detection and reporting capabilities, together with data
centralization features that allow network-wide data analysis and
reporting.
• Publications: \cite{riordan06:_build_billy_goat:first2006,
riordan05:bg_techreport}
[Router-based Billy Goat]
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: 2005
TO: 2007
• An active worm-capture device deployed at the network boundary and
coupled with the border router, that allows the Billy Goat to
effectively and automatically spoof every unused IP address outside
the local network. This makes it possible for the Router-based Billy
Goat to accurately detect local infected machines and prevent them
from establishing connections to the outside, limiting the
propagation of the worms to the outside network.
• Publications: \cite{zamboni07:sruti07-rbg}
SOC in a Box
╌╌╌╌╌╌╌╌╌╌╌╌
FROM: 2005
TO: 2007
• Integrated device containing multiple security tools: intrusion
detection, worm detection, vulnerability scanning and network
discovery. Precursor to what is today called /Unified Threat
Management/ systems.
Exorcist
╌╌╌╌╌╌╌╌
FROM: 2001
TO: 2002
• Host-based, behavior-based intrusion detection using sequences of
system calls.
Ph.D. Thesis Research
─────────────────────
[Using internal sensors and embedded detectors for intrusion detection]
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
• Study of data collection methods for intrusion detection systems.
• Implementation of novel methods for data collection in intrusion
detection systems.
• Analysis of the properties, advantages and disadvantages of internal
sensors and embedded detectors as data collection and analysis
elements in intrusion detection systems.
• Publications: \cite{zamboni01:phd-thesis,
zamboni02:sensors_detectors, kerschbaum00:network-embedded-sensors,
zamboni00:thesis-proposal, zamboni:raid2000}
Additional research projects
────────────────────────────
[Using autonomous agents for intrusion detection]
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
• Design and documentation of an architecture (AAFID) to perform
distributed monitoring and intrusion detection using autonomous
agents.
• Implementation of a prototype according to the architecture. This
prototype is [published as open source].
• Exploration of research issues in the distributed intrusion
detection area.
• Publications: \cite{spafford00:intrus_detec_auton_agent,
zamboni:aafid-acsac98, zamboni:aafid-architecture, zamboni:raid98,
zamboni00:build_aafid_with_perl, zamboni:raid99}.
[Analysis of a denial-of-service attack on TCP/IP (Synkill)]
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
• Collaborated in the analysis of the SYN-flooding denial-of-service
attack against TCP and in the implementation of a defense tool.
• Publications: \cite{schuba97:synkill}, awarded the [2020 IEEE
Security & Privacy Test of Time Award].
8 System Development and Management
═══════════════════════════════════
Programming languages
Ruby, Python, C, Perl, Java, LISP family (Clojure, Racket), AWK,
Unix shells.
Development environments
Unix/Linux, Cloud Foundry, Amazon EC2, macOS.
Unix system administration
Linux (multiple distributions), OpenBSD, FreeBSD, macOS,
Solaris.
Configuration management
CFEngine, Puppet, Chef, Ansible.
Virtualization, containers and cloud
VMware (ESX, vSphere), OpenStack, Amazon EC2, Docker, Cloud
Foundry.
Health Management and Monitoring
VMware vRealize Operations Manager, vRealize Log Insight,
Nagios, Icinga.
Other technologies
REST APIs, Riemann (event stream processing), XML and related
technologies, network programming, database programming (SQL),
kernel programming (OpenBSD and Linux), HTML.
9 Software Development Projects
═══════════════════════════════
Publicly available software projects: see [https://github.com/zzamboni/] and [https://gitlab.com/zzamboni]
──────────────────────────────────────────────────────────────────────────────────────────────────────────
Other software projects (not publicly available)
────────────────────────────────────────────────
Pilatus (IBM)
╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: 2005
TO: 2007
A system installer that allows arbitrary system installation and
configurations, allowing for both proprietary and open source
components to be installed in an automated fashion. Open source
components can be downloaded directly from their original source to
avoid distributing them.
SOC in a Box (IBM)
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: 2005
TO: 2007
A specialized Linux distribution containing multiple security services
for integrated security monitoring in small and medium networks.
Implementation also includes backend infrastructure components for
system installation, configuration and upgrade; and data
centralization, analysis and reporting.
Billy Goat (IBM)
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: 2002
TO: 2007
A specialized Linux distribution containing multiple sensors for
detection of large-scale automated attacks. Implementation also
includes backend infrastructure components for system configuration and
upgrade, data centralization, analysis and reporting.
Embedded Sensors Project (Purdue University)
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
FROM: 1999
TO: 2001
A system of sensors for intrusion detection developed in OpenBSD
through code instrumentation. Developed as part of my Ph.D. thesis
work.
10 Honors & Awards
══════════════════
IEEE Security & Privacy Test of Time Award ([IEEE S&P page], [CERIAS blog post])
────────────────────────────────────────────────────────────────────────────────
DATE: <2020-05-18>
ORGANIZATION: IEEE
LOCATION: U.S.A.
[CFEngine Champion]
───────────────────
DATE: 2010
ORGANIZATION: CFEngine AS
LOCATION: Norway
Josef Raviv Memorial Postdoctoral Fellowship
────────────────────────────────────────────
DATE: <2001-07-01>
ORGANIZATION: IBM
LOCATION: U.S.A.
Member of [Phi Beta Delta]
──────────────────────────
DATE: <2001-04-01>
ORGANIZATION: honor society recognizing scholarly achievement
LOCATION: U.S.A.
UPE Microsoft Scholarship Award
───────────────────────────────
DATE: <2000-09-01>
ORGANIZATION: honor society recognizing scholarly achievement
LOCATION: U.S.A.
Member of [Upsilon Pi Epsilon]
──────────────────────────────
DATE: <1998-04-01>
ORGANIZATION: the ACM Computer Sciences honor society
LOCATION: U.S.A.
Fulbright Scholarship
─────────────────────
DATE: <1996-05-01>
ORGANIZATION: for pursuing Ph.D. studies at Purdue University
LOCATION: Mexico
11 Program Committees and Boards
════════════════════════════════
[Editorial Board Member]
────────────────────────
ORGANIZATION: Computers & Security Journal
DATE: 2011–2013
[Steering Committee Member]
───────────────────────────
ORGANIZATION: Intl. Symposium on Recent Advances in Intrusion Detection
DATE: 2007–2017
[Program Chair]
───────────────
ORGANIZATION: 9th Intl. Symposium on Recent Advances in Intrusion Detection (RAID)
DATE: 2006
LOCATION: Germany
[Program Committee Member]
──────────────────────────
ORGANIZATION: Intl. Symposium on Recent Advances in Intrusion Detection
DATE: 2001–2005
Program Co-chair
────────────────
ORGANIZATION: IBM Academy of Technology Security and Privacy Symposium
DATE: 2009
[Program Chair]
───────────────
ORGANIZATION: ZISC Workshop on Security in Virtualized Environments and Cloud Computing
DATE: 2009
LOCATION: Switzerland
[Program Chair]
───────────────
ORGANIZATION: Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)
DATE: 2008
LOCATION: France
[Program Committee Member]
──────────────────────────
ORGANIZATION: IEEE Security and Privacy Symposium
DATE: 2007
LOCATION: U.S.A.
[Program Committee Member]
──────────────────────────
ORGANIZATION: Annual Computer Security Applications Conference (ACSAC)
DATE: 2003–2007
[Program Committee Member]
──────────────────────────
ORGANIZATION: Computer Security Day Conference
DATE: 1994–2000
LOCATION: Mexico
[Founder and organizer]
───────────────────────
ORGANIZATION: Computer Security Day Conference
DATE: 1994–1995
LOCATION: Mexico
12 Teaching and Advising
════════════════════════
Students
────────
Daniele Sgandurra, University of Pisa, Italy
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: Internship advisor
FROM: 2009
TO: 2009
• Project: Design and implementation of process injection using
virtual machine introspection.
Martin Carbone, Georgia Institute of Technology, U.S.A.
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: Internship advisor
FROM: 2007
TO: 2007
• Project: Implementation of a proof of concept Hyperjacking attack on
Intel platform.
Urko Zurutuza Ortega, Mondragon University, Spain
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: Ph.D. co-advisor
FROM: 2005
TO: 2008
• Thesis: [Data Mining Approaches for Analysis of Worm Activity
Towards Automatic Signature Generation]
Milton Yates, ENST Bretagne, France
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: External Diploma Thesis advisor
FROM: 2005
TO: 2005
• Thesis: [The Router-based Billy Goat Project]
Candid Wüest, ETH Zurich, Switzerland
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: Diploma Thesis tutor
FROM: 2002
TO: 2003
• Thesis: [Desktop Firewalls and Intrusion Detection]
Teaching
────────
CISSP training (30 hours)
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: iNetworks, Mexico (remote class)
DATE: 2020
CFEngine one-day training class (8 hours)
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: Multiple venues
FROM: 2011
TO: 2013
“Virtualization” lecture (2 hours), Systems Security class, Computer Science Dept.
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: ETH Zürich
FROM: 2011
TO: 2013
“Intrusion detection: Basic concepts and current research at IBM” class (3 hours), Information Technology Security Spring School
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: University of Lausanne
FROM: 2005
TO: 2005
“Introduction to Computer Security” class (40 hours)
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: ITESM, Mexico
FROM: 2003
TO: 2003
EE495 (“Information Extraction, Retrieval and Security”) course
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: Purdue University, U.S.A.
FROM: 2000
TO: 2000
• Co-designed eight security-related lectures and taught two of them.
• Co-designed the class project.
“SSH: Achieving secure communication over insecure channels” class
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: CSI NetSec conference, U.S.A.
FROM: 2000
TO: 2000
“Protecting your computing system” class
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: Schlumberger, U.S.A.
FROM: 1997
TO: 1997
Supercomputing Internship Program Courses
╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌
LABEL: UNAM, Mexico
FROM: 1991
TO: 1996
• Designed and taught multiple courses (10–40 hours long) on the
following topics:
⁃ Introduction to Unix
⁃ Unix utilities
⁃ Unix security
⁃ Basic Unix administration
⁃ Advanced Unix administration
⁃ UNICOS system administration on Cray supercomputers
13 Other Professional Activities
════════════════════════════════
[The Association for Computing Machinery (ACM)]
───────────────────────────────────────────────
POSITION: Member
DATE: 1998–
[Purdue.pm], the Purdue Perl Users Group
────────────────────────────────────────
POSITION: Founder
DATE: 2000
LOCATION: U.S.A.
[Purdue University Chapter of Upsilon Pi Epsilon]
─────────────────────────────────────────────────
POSITION: President
DATE: 1999
LOCATION: U.S.A.
[Purdue University Chapter of Upsilon Pi Epsilon]
─────────────────────────────────────────────────
POSITION: Secretary
DATE: 1998
LOCATION: U.S.A.
14 Publications, Talks and Intellectual Property
════════════════════════════════════════════════
The list of publications is for the moment not available in the text version of my CV. Please see the full PDF version at https://zzamboni.org/vita/.
15 References
═════════════
Available by request.