
Open source advocate, entrepreneur, author, programmer and application security expert. Not necessarily in that order.
London, United Kingdom

Ivan Ristic is a respected security expert and book author, known especially for his contribution to the web application firewall field and the development of ModSecurity, the open source web application firewall. He is the author of Apache Security, a comprehensive security guide for the Apache web server. A frequent speaker at computer security conferences, Ivan is an active participant in the application security community, member of the Open Web Application Security Project (OWASP) and officer of the Web Application Security Consortium (WASC).
Open source. Web application firewalls, UNIX server security, application security, security training, security source code review and security architecture review. Secure programming, concurrent programming, C, Java, web application development, relational databases and software project management. Scalable Internet architectures, design and development of complex networked systems. Single-source publishing.
(Computer & Network Security industry)
February 2009 — Present (10 months)
Founded SSL Labs to research SSL and TLS and promote their correct usage. Implemented a comprehensive SSL security assessment platform, and made it available to the public free of charge.
(Publishing industry)
February 2009 — Present (10 months)
Researched and implemented a fully automated single-source publishing workflow, which takes manuscripts in DocBook format and produces print-ready PDFs, screen-optimized PDFs, and HTML and ePub output.
(Privately Held; Computer & Network Security industry)
September 2006 — January 2009 (2 years 5 months)
After the acquisition, I joined Breach Security as an executive, with the primary role to continue to develop ModSecurity, whose development team grew. My other duties included application security research and public speaking. I spoke regularly at computer security conferences, such as OWASP AppSec, ApacheCon and Black Hat.
(Privately Held; Computer & Network Security industry)
April 2007 — December 2008 (1 year 9 months)
Organised quarterly meetings of the Open Web Application Security Project (OWASP) in London, increasing the meeting attendance more than twofold.
(Computer & Network Security industry)
July 2004 — August 2006 (2 years 2 months)
Founded Thinking Stone to develop and support an open source web application firewall, ModSecurity, which subsequently became the most widely deployed web application firewall and achieved excellent results in the Forrester Wave evaluation competing against Citrix, F5, Imperva and others. The company was acquired by Breach Security in August 2006.
(Privately Held; Publishing industry)
April 2004 — March 2005 (1 year)
Wrote Apache Security, a comprehensive web security guide for the Apache web server.
(Information Technology and Services industry)
May 2000 — June 2004 (4 years 2 months)
Designed and oversaw the development of a complete ISP billing and accounting system that included customer authentication, real-time rating and billing, traffic measurement, customer sign-up and self-service, and internal management application. Managed multiple web software development and content management projects.
B.Sc. (Hons), Information Technology and Computing
WASC, OWASP, O'Reilly