The Cyber Independent Testing Lab (CITL) was organized exclusively for scientific and educational purposes, with the mission of advising software consumers through expert scientific inquiry into software safety.  We are a 501(c)3 organization that produces an independent comparative measure of the risk of ownership of computer software and systems. We engage in scientific research to test software and computing products, and then we will publish the results of that research in a way that will best empower and educate software consumers.  

The Team

Peiter Zatko (Director), known professionally as Mudge, is a respected network security expert who has been prominent in the security field for over 20 years.  He published some of the first security advisories and research demonstrating early vulnerabilities in computer systems and was an early advocate for educating the public about computer security and safety.  Mudge was one of the first people from the security research community to reach out and build relationships with government and industry.  He testified before the Senate Committee on Government Affairs in 1998 about the serious vulnerabilities of the Internet.  He later testified to the house and senate regarding cyber legislation.  In 2000, after the first crippling Internet distributed denial-of-service attacks, he was invited to meet with President Bill Clinton at a security summit alongside cabinet members and industry executives.  Mudge has a long history of lecturing and teaching pro bono at universities, military academies, and government agencies.  He also provides such expertise and background to technology journalists and digital rights lawyers.  In 2010 he took an appointed position as a Department of Defense official within the Defense Advanced Research Projects Agency (DARPA), where he was responsible for redirecting the DoD’s cyber research efforts.  After his tenure at DARPA he was corporate VP of engineering at Motorola, and then the Deputy Director of Google’s Advanced Technology and Projects group, before stepping down to be the Director of The Cyber ITL. Follow Peiter on Twitter @dotmudge.

Sarah Zatko (Chief Scientist) has a bachelor’s in Math with Computer Science from MIT and a Master’s in Computer Science from Boston University.  She has worked in the computer security field for over a decade for government contractors such as BBN Technologies, The Institute for Defense Analysis (a Federally Funded Research and Development Center), and commercial companies like IBM or L0phtcrack, LLC.  Sarah also has a strong interest in security education and has presented talks on the subject of computer science curriculum design at University of Michigan, West Point, and Shmoocon, a computer security conference held annually in Washington, DC.  Sarah will be using her math and computer security experience to develop models for predicting the expected security of software systems based on their initial test results and metrics.