Post Job Free
Sign in

Security Software Engineer

Location:
Hawthorne, NY
Posted:
November 22, 2012

Contact this candidate

Resume:

Salvatore Guarnieri

** ******* **

Hawthorne, NY 10532

*********.*********@*****.***

http://www.sammyg.org

Education

The University of Washington : September 2006 - June 2010

Degree Masters of Science in Computer Science

Location Seattle, WA

Area of Research Program Analysis for Web Languages

Languages Used C#, JavaScript, Python, C, C++, Java, OCaml

Honors and Accomplishments

Recipient of the Dinning-Wolf Endowed Regental Fellowship (2006-2008)

Recipient of the Boeing Company Fellowship (2006-2007)

GPA 3.70/4.00

The University of Virginia : September 2002 - May 2006

Degree Bachelor of Science

Location Charlottesville, VA

Major Computer Science (Computer Graphics and Computer Security concentration)

Minor Biomedical Engineering

Honors and Accomplishments

Finalist for the Computing Research Association's Outstanding Undergraduate Award (2006)

Major GPA 3.88/4.00

Overall GPA 3.53/4.00

Work Experience

IBM : January 2011 - Current

Location Hawthorne, NY

Title Software Engineer

Summary Working on analyses targeted at improving mobile application development. Specifically,

working on analyses for JavaScript, Android (Java), and Java to detect security and reliability problems.

Primary Language Used Java

IBM Research : June 2010 - January 2011

Location Hawthorne, NY

Title Intern, worked with Marco Pistoia

Summary I worked on precise JavaScript and Java analyses. During the course of the internship I

developed several analyses to detect or prevent security problems in several web languages. One of the

analyses I developed was Actarus, which was a precise tainting analysis for JavaScript.

Primary Language Used Java

Microsoft Research : October 2008 - February 2009

Location Redmond, WA

Title Intern, worked with Ben Livshits

Summary I developed Gatekeeper, a tool that statically analyzes JavaScript widgets to identify possible

security or reliability problems. The tool was aimed at widgets that were present on the live.com web

portal. Gatekeeper was designed to execute on a widget after it was submitted but before the widget was

listed in a directory of available widgets. Gatekeeper was designed to ensure unreliable widgets would

not make it to the directory of downloadable widgets. I was responsible for creating, testing, and

improving the tool. I was also partially responsible for the tool's technical report and presentation at

meetings and talks.

Primary Language Used C#

Publications

Frameworks for Frameworks

Manu Sridharan, Shay Artzi, Marco Pistoia, Salvatore Guarnieri, Omer Tripp, Ryan Berg

OOPSLA 2011

Saving the World Wide Web from Vulnerable JavaScript

Salvatore Guarnieri, Marco Pistoia, Omer Tripp, Julian Dolby, Stephen Teilhet, Ryan Berg

ISSTA 2011

GULFSTREAM: Staged Static Analysis for Streaming JavaScript Applications

Salvatore Guarnieri, Ben Livshits.

USENIX WebApps 2010

Gatekeeper: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code

Salvatore Guarnieri, Ben Livshits.

USENIX Security 2009

Automatically Hardening Web Applications Using Precise Tainting

Anh Nguyen-Tuong, Salvatore Guarnieri, Doug Greene, Jeffrey Shirley and David Evans.

IFIP International Information Security Conference 2005

Talks

Actarus: Saving the World Wide Web from Vulnerable JavaScript

ISSTA, July 2011

Gulfstream: Staged Static Analysis for Streaming JavaScript Applications

USENIX WebApps, June 2010

Gatekeeper: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code

Dagstuhl Seminar on Web Application Security, March 2009

Automatically Hardening Web Applications Using Precise Tainting

Works In Progress talk at USENIX Security Symposium, August 2005

Automatically Hardening Web Applications Using Precise Tainting

IFIP International Information Security Conference (SEC 2005), May 2005

Automatic Protection from Internet Attacks

University of Virginia Undergraduate Research Network Spring Symposium, April 2005

Teaching Experience

Graduate Teaching Assistant at The University of Washington

Class CSE505 - Concepts of Programming Languages

Quarters Autumn 2009

Class CSE451 - Operating Systems

Quarters Winter 2010, Spring 2010

Undergraduate Teaching Assistant at The University of Virginia

Class CS445 - Introduction to Computer Graphics

Semesters Spring 2005

Class CS216 - Program and Data Representation

Semesters Fall 2004, Spring 2005, Fall 2005, Spring 2006



Contact this candidate