He was the seventh member to join the L0pht. His development projects there included Netcat and L0phtCrack for Windows. He was also webmaster/graphic designer for the L0pht website and for Hacker News Network, the first hacker blog. He researched and published security advisories on vulnerabilities in Microsoft Windows, Lotus Domino, Microsoft IIS, and ColdFusion. Weld was one of the seven L0pht members who testified before a Senate committee in 1998 that they could bring down the Internet in 30 minutes. When L0pht was acquired by @stake in 1999 he became the manager of @stake's Research Group and later @stake's Vice President of Research and Development. In 2004 when @stake was acquired by Symantec he became its Director of Development. In 2006 he founded Veracode with Christien Rioux and serves as CTO. In 2017 Veracode was acquired by CA Technology for $614M. Veracode was subsequently spun out and became independent once again by being purchased by Thoma Bravo for $950M. Wysopal continues to serve as CTO. In 2018 Wysopal joined the Humanyzeboard of directors. Wysopal was instrumental in developing industry guidelines for responsible disclosure of software vulnerabilities. He was a contributor to RFPolicy, the first vulnerability disclosure policy. Together with Steve Christey of MITRE he proposed an IETFRFC titled "Responsible Vulnerability Disclosure Process" in 2002. The process was eventually rejected by the IETF as not within their purview but the process did become the foundation for , an industry group bringing together software vendors and security researchers of which he was a founder. In 2001 he founded the non-profit full disclosuremailing listVulnWatch for which was moderator. In 2003 he testified before a United States House of Representatives subcommittee on the topic of vulnerability research and disclosure. In 2008 Wysopal was recognized for his achievements in the IT industry by being named one of the 100 Most Influential People in IT by eWeek and selected as one of the InfoWorld CTO 25. In 2010 he was named a SANS Security Thought Leader. In 2012, he began serving on the Black HatReview Board. He was named one of the Top 25 Disruptors of 2013 by Computer Reseller News. In 2014 he was named one of 5 Security Thought Leaders by SC Magazine.
Patents
, Assessment and analysis of software security flaws , Automated behavioral and static analysis using an instrumented sandbox and machine learning classification for mobile security , Assessment and analysis of software security flaws in virtual machines
Publications
Wysopal, Chris; Geer, Dan. . ;login: The USENIX Magazine.
Wysopal, Chris. . Datenschutz und Datensicherheit - DuD.
