We work for a fair, just, and safe software marketplace for all consumers, empowering consumers to protect themselves.
Sarah Zatko has a bachelor’s in Math with Computer Science from MIT and a Master’s in Computer Science from Boston University. She has worked in the computer security field for over a decade for government contractors such as BBN Technologies, The Institute for Defense Analysis (a Federally Funded Research and Development Center), and commercial companies like IBM or L0phtcrack, LLC.
Sarah also has a strong interest in security education and has presented talks on the subject of computer science curriculum design at University of Michigan, West Point, and Shmoocon, a computer security conference held annually in Washington, DC. Sarah will be using her math and computer security experience to develop models for predicting the expected security of software systems based on their initial test results and metrics.
Parker Thompson has a background in computer security, notably in fuzzing, crash analysis, and reverse engineering. Previously, Thompson has worked as a security consultant and a development lead on security products.
Patrick Stach is a computer scientist known for his work in computer security and cryptography. A long time member of the security community, Stach's work includes contributions to integer factoring, cryptographic hash collisions, vulnerability discovery, exploitation, intrusion detection, malware analysis, and other practical arts.
Tim Carstens is a mathematician and former Acting Director of CITL with over a decade of experience in computer security, having reviewed systems in use by hundreds of millions of people and businesses. In addition to his work in security, Carstens is an active member of the research community, focused on problems in the intersection of category theory and software verification.
Chief Barketing Officer
Mysterious yet venerable. Wise but unassuming. Tori's sage demeanour and constant vigilance make her the perfect mascot for CITL.
Technical Advisory Board
We have a 7 member Technical Advisory Board composed of security experts. Our TAB is primarily composed of experts in software exploit writing, as we wanted them to be able to advise us on the metrics and heuristics they look for when assessing software exploitability.