Parisa Tabriz | |
---|---|
Born | 1983 (age 40–41) |
Nationality | American |
Occupation | Computer security engineer |
Known for |
|
Parisa Tabriz is an American computer security expert who works for Google as a Vice President of engineering. She is known professionally by her semi-official job title, "Security Princess". [1] [2] [3]
Parisa Tabriz was born to an Iranian father, a doctor, and an American mother, a nurse, of Polish-American descent. [1] She grew up in the suburbs of Chicago and is the older sister of two brothers. [1] Tabriz was not exposed to coding and computer science until her first year at university. [4]
Tabriz initially enrolled at the University of Illinois at Urbana–Champaign to study computer engineering, but soon became interested in computer science instead. [4] [5] She completed a bachelor of science and master of science degree at the university [4] [6] and did research in wireless security and attacks on privacy-enhancing technologies, co-authoring papers with her advisor Nikita Borisov. [5] [7] [8] She was an active member of a student club interested in computer security, which she joined because her own website was hacked. [4]
Tabriz was offered a summer internship with Google's security team while at college, [9] and joined the company a few months after her graduation in 2007. [1] [10] While preparing to attend a conference in Tokyo with Google, she decided to use the job title "Security Princess" on her business card rather than the conventional "information security engineer" since it sounded less boring and considered it ironic. [1] [2] Tabriz trained Google staff interested in learning more about security and worked with youth at DEFCON and Girl Scouts of the USA to expose a more diverse set of people to the field of computer security. [11] [1] [12]
In 2013, Tabriz took over responsibility for the security of Google Chrome.
In 2013, Tabriz conducted the talk "Got SSL?" at the Chrome Dev Summit. [13]
In 2014, Tabriz started an effort to drive adoption of the HTTPS protocol. [14] [15] In 2015, less than 50% of traffic seen by Chrome was over HTTPS, and by 2019, the percentage of HTTPS traffic had increased to 73-95% across all platforms. [16] Tabriz has spoken out against government interception of HTTPS connections on the public Internet. [17]
In 2014 Tabriz conducted the talk "Do Know Evil" at the Chrome Developers Conference. [18]
In 2016, Tabriz took over responsibility for Project Zero, an offensive security research group. [3] [19]
In 2016 Tabriz was the keynote speaker at the Python Conference (PyCon) in Portland, Oregon. [20]
In 2018, Tabriz was the keynote speaker at Black Hat Conference. [21]
In 2018, in response to the RSA Conference having only one non-male keynote speaker in a line-up of 20 keynotes, Tabriz co-founded the Our Security Advocates conference, OURSA. In only five days, Tabriz and organizers pulled together a speaker line-up consisting of expert speakers from under-represented backgrounds, 14 speakers of which were women. [22]
In 2020, Tabriz became head of product, Engineering, & UX, Chrome. [23]
In 2012, Forbes included her in their "Top 30 People Under 30 To Watch in the Technology Industry" list. [1] [24]
In 2017, Wired included her in their list of 20 Tech Visionaries. [25]
In 2018, Fortune included her in their annual "40 under 40" most influence young people in business list. [26]
In cryptography and computer security, a man-in-the-middle (MITM) attack, or on-path attack, is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, where in actuality the attacker has inserted themselves between the two user parties.
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network, such as the Internet. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.
Peiter C. Zatko, better known as Mudge, is an American network security expert, open source programmer, writer, and hacker. He is currently the chief information officer of DARPA. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the computer and culture hacking cooperative the Cult of the Dead Cow.
Comodo Security Solutions, Inc., is a cybersecurity company headquartered in Bloomfield, New Jersey. Under the brand Sectigo, the company acts as a web Certificate authority (CA) and issues SSL/TLS certificates.
Black Hat Briefings is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together a variety of people interested in information security ranging from non-technical individuals, executives, hackers, and security professionals. The conference takes place regularly in Las Vegas, Barcelona, London and Riyadh. The conference has also been hosted in Amsterdam, Tokyo, and Washington, D.C. in the past.
Matthew Cutts is an American software engineer. Cutts is the former Administrator of the United States Digital Service. He was first appointed as acting administrator, to later be confirmed as full administrator in October 2018. Cutts previously worked with Google as part of the search quality team on search engine optimization issues. He is the former head of the web spam team at Google.
Mwende Window Snyder, better known as Window Snyder, is an American computer security expert. She has been a top security officer at Square, Inc., Apple, Fastly, Intel and Mozilla Corporation. She was also a senior security strategist at Microsoft. She is co-author of Threat Modeling, a standard manual on application security.
Matthew Rosenfeld, better known by the pseudonym Moxie Marlinspike, is an American entrepreneur, cryptographer, and computer security researcher. Marlinspike is the creator of Signal, co-founder of the Signal Technology Foundation, and served as the first CEO of Signal Messenger LLC. He is also a co-author of the Signal Protocol encryption used by Signal, WhatsApp, Google Messages, Facebook Messenger, and Skype.
Niels Provos is a German-American researcher in security engineering, malware, and cryptography. He received a PhD in computer science from the University of Michigan. From 2003 to 2018, he worked at Google as a Distinguished Engineer on security for Google. In 2018, he left Google to join Stripe as its new head of security. In 2022, Provos left Stripe and joined Lacework as head of Security Efficacy.
Eric Hughes is an American mathematician, computer programmer, and cypherpunk. He is considered one of the founders of the cypherpunk movement, alongside Timothy C. May and John Gilmore. He is notable for founding and administering the Cypherpunk mailing list, authoring A Cypherpunk's Manifesto, creating and hosting the first anonymous remailer, and coining the motto, "Cypherpunks write code".
HTTPS Everywhere is a discontinued free and open-source browser extension for Google Chrome, Microsoft Edge, Mozilla Firefox, Opera, Brave, Vivaldi and Firefox for Android, which was developed collaboratively by The Tor Project and the Electronic Frontier Foundation (EFF). It automatically makes websites use a more secure HTTPS connection instead of HTTP, if they support it. The option "Encrypt All Sites Eligible" makes it possible to block and unblock all non-HTTPS browser connections with one click. Due to the widespread adoption of HTTPS on the World Wide Web, and the integration of HTTPS-only mode on major browsers, the extension was retired in January 2023.
Project Zero is a team of security analysts employed by Google tasked with finding zero-day vulnerabilities. It was announced on 15 July 2014.
Credential stuffing is a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords, and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application. Unlike credential cracking, credential stuffing attacks do not attempt to use brute force or guess any passwords – the attacker simply automates the logins for a large number of previously discovered credential pairs using standard web automation tools such as Selenium, cURL, PhantomJS or tools designed specifically for these types of attacks, such as Sentry MBA, SNIPR, STORM, Blackbullet and Openbullet.
HackMIT is an annual student-run hackathon held in the fall at the Massachusetts Institute of Technology.
Eva Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation (EFF) and technical advisor for the Freedom of the Press Foundation. She is noted for her extensive work in protecting global privacy and free speech and for her research on malware and nation-state spyware.
Robert E. Joyce is an American cybersecurity official who served as special assistant to the President and Cybersecurity Coordinator on the U.S. National Security Council. He also began serving as White House Homeland Security Adviser to President Donald Trump on an acting basis after the resignation of Tom Bossert from April 10, 2018, to May 31, 2018. He completed his detail to the White House in May 2018 and returned to the National Security Agency, where he served as the Senior Advisor to the Director NSA for Cyber Security Strategy, until July 2019 when he went to London and served in the US Embassy as the NSA's senior cryptologic representative to the UK. Joyce previously performed as acting Deputy Homeland Security Advisor since October 13, 2017. On January 15, 2021, the NSA announced that Joyce would replace Anne Neuberger as its Director of Cybersecurity.
SwiftOnSecurity is a pseudonymous computer security expert and influencer on Twitter, Mastodon, and Bluesky, inspired from Taylor Swift. As of May 2024, they have over 405,400 followers. The account was originally created to post Taylor Swift-related memes about the Heartbleed bug. The name was chosen due to Swift's caution with regard to digital security, and the account's original focus on cybersecurity. The account has been cited in news articles about computer security. They are a Microsoft MVP, and work as an endpoint monitoring lead for a Fortune 500 company. Their blog contains general computer security advice, with a large amount dedicated to Windows and phishing.
Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include APT44, Telebots, Voodoo Bear, IRIDIUM, Seashell Blizzard, and Iron Viking.
The Privacy Sandbox is an initiative led by Google to create web standards for websites to access user information without compromising privacy. Its core purpose is to facilitate online advertising by sharing a subset of user private information without the use of third-party cookies. The initiative includes a number of proposals, many of these proposals have bird-themed names which are changed once the corresponding feature reaches general availability. The technology include Topics API, Protected Audience, Attribution Reporting, Private Aggregation, Shared Storage and Fenced Frames as well as other proposed technologies. The project was announced in August 2019.
Adrienne Porter Felt is an American computer scientist.
I knew I'd have to hand out my card and I thought Information Security Engineer sounded so boring. Guys in the industry all take it so seriously, so security princess felt suitably whimsical.
{{cite book}}
: |work=
ignored (help)CS1 maint: location missing publisher (link){{cite journal}}
: Cite journal requires |journal=
(help)