For two decades, John led technical direction at Cigital, where he rose to the position of co-CTO. He founded spin-off Codiscope as CTO in 2015. When both firms were acquired by Synopsys in 2016, John transitioned to the role of Senior Director of Security Technology and Applied Research. His expertise runs the gamut of software security—from threat modeling and architectural risk analysis to static analysis and security testing. John is keenly interested in using orchestration and automation to provide security governance at the cadence of modern development. As a trusted adviser to security executives, he uses his unparalleled experience with a broad range of security tools to build and mature security programs. He has served as co-editor of the Building Security In department of IEEE Security & Privacy magazine and as the leader of the Northern Virginia OWASP chapter. John is regularly invited to speak, including keynotes at AppSecUSA and BSIMM.