Meet The Contributing Authors

Swapnil Deshmukh is an Information Security Specialist at Visa. He was previously a security consultant at Cigital, where he helped clients build secure mobile practices. His responsibilities included designing and implementing mobile threat modeling, implementing security coding practices, performing source code analysis, reverse engineering application binaries, and performing mobile penetration testing. Prior to working at Cigital, Swapnil held a position as a mobile threat analyst at MyAppSecurity, where he designed and implemented a mobile threat modeler. Swapnil holds an MS from George Mason University in Computer Networks and Telecommunication.

Sarath Geethakumar is Chief Information Security Specialist at Visa, Inc. He specializes in mobile platform and application security and is actively involved in security research around mobility. Sarath’s research activities have been instrumental in uncovering numerous security weaknesses with mobile device management solutions and platform security capabilities that were ethically disclosed to appropriate vendors. In addition to research, Sarath leads efforts around secure mobile application development and ethical hacking at Visa.

Sarath’s background also includes roles such as security specialist, security consultant, lead architect, and software developer. Before joining Visa, he served as an information security specialist and Red Team member at American Express. Sarath has also provided consulting expertise to various financial institutions and Fortune 500 companies as part of his consulting career. He has played a key role in shaping mobile security practices across various organizations and training security professionals on mobile security.

Scott Matsumoto is a Principal Consultant at Cigital with over 20 years of software security and commercial software product development experience. At Cigital, Scott is responsible for mobile security practice within the company and has been instrumental in building Cigital’s western US business through direct consulting as well as oversight of projects, training, and software deployments. He works with many of Cigital’s clients on security architecture topics such as Mobile Application Security, Cloud Computing Security, SOA Security, fine-grained entitlements systems, and SOA Governance.

Scott’s prior experience encompasses development of component-based middleware, performance management systems, graphical UIs, language compilers, database management systems, and operating system kernels. He is a founding member of the Cloud Security Alliance (CSA) and is actively involved in its Trusted Computing Initiative.

Mike Price is currently Chief Architect at Appthority, Inc. In this role, Mike focuses full time on research and development related to mobile operating system and application security. Mike was previously Senior Operations Manager for McAfee Labs in Santiago, Chile. In this role, Mike was responsible for ensuring smooth operation of the office, working with external entities in Chile and Latin America, and generally promoting technical excellence and innovation across the team and region. Mike was a member of the Foundstone Research team for nine years. Most recently, he was responsible for content development for the McAfee Foundstone Enterprise vulnerability management product. In this role, Mike worked with and managed a global team of security researchers responsible for implementing software checks designed to remotely detect the presence of operating system and application vulnerabilities. He has extensive experience in the information security field, having worked in the area of vulnerability analysis and infosec-related R&D for nearly 13 years. Mike is a published author, contributing to Hacking Exposed: Network Security Secrets & Solutions, 7th Edition on the topic of iOS security and to Sockets, Shellcode, Porting & Coding on the topic of sockets programming and code portability. Mike is also co-founder of the 8.8 Computer Security Conference, held annually in Santiago, Chile.

John Steven is Cigital’s Internal CTO. He is a sought-after speaker with over 15 years of industry experience. John’s expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a Principal Consultant, John provided strategic direction to many multinational corporations. As Internal CTO, John directs Cigital’s security practices and his keen interest in automation keeps Cigital technology at the cutting edge.