David Brumley is a professor in the Electrical and Computer Engineering Department at Carnegie Mellon University with an additional courtesy in the Computer Science Department. He was previously the director of CyLab, the CMU Security and Privacy Institute. His research focuses on software security.

Brumley received his Ph.D. in Computer Science from Carnegie Mellon University, an M.S. in Computer Science from Stanford University, and a B.A. in Mathematics from the University of Northern Colorado. He served as a computer security officer for Stanford University from 1998-2002 and handled thousands of computer security incidents in that capacity. He is the faculty mentor for the Carnegie Mellon Hacking Team Plaid Parliament of Pwning (PPP), which is ranked internationally as one of the top teams in the world according to The team was ranked #1 in 2011, #2 in 2012, and #1 in 2013, and won DefCon 2013. Brumley received the USENIX Security Best Paper Award in 2003 and 2007, and an ICSE Distinguished Paper Award in 2014.<

Brumley’s honors include being selected for the 2010 DARPA CSSP program and 2013 DARPA Information Science and Technology Advisory Board, a 2010 NSF CAREER award, a 2010 United States Presidential Early Career Award for Scientists and Engineers (PECASE) from President Obama (the highest award in the US for early career scientists), and a 2013 Sloan Foundation Award.

2202 Collaborative Innovation Center
Google Scholar
David Brumley
David Brumley's website

Network Security: Protecting Today's Computers


2008 Ph.D., Computer Science, Carnegie Mellon University

2003 MS, Computer Science, Stanford University

1998 BA, Mathematics, University of North Colorado


Media mentions

CMU Engineering

First round of Secure and Private IoT Initiative funded projects announced

CyLab’s Secure and Private IoT Initiative (IoT@CyLab) has broken ground as the first round of funded proposals have been announced. Twelve selected projects will be funded for one year, and results will be presented at the IoT@CyLab annual summit next year.

The Washington Post

Brumley on Nielsen’s departure and cybersecurity

In an article from The Washington Post, cybersecurity experts discussed the consequences of Kirstjen Nielsen’s ouster from the Department of Homeland Security. “Nielsen’s departure is another sad indication that the government lacks the will to make real cybersecurity and safety improvements,” said ECE’s David Brumley.

The Washington Post

Brumley on offensive cyber operations

ECE/CyLab’s David Brumley was interviewed by the The Washington Post about the Trump administration’s goal for loosening constraints on offensive cyber operations. He believes the move is “common sense” on an operational level.

CMU Engineering

CyLab researchers win NSA's Best Scientific Cybersecurity Paper competition

Two CyLab researchers led a study that has been named 2017's Best Scientific Cybersecurity Paper by NSA's Science of Security initiative.

CMU Engineering

Overcoming the human bottleneck with autonomy

On August 4, 2016, the mission of cyber autonomy was declared accomplished. Meanwhile, back in Pittsburgh, a CyLab graduate student quietly hacked away at her own research in cyber autonomy.

SciTech Now

Brumley featured on SciTech Now

Recently, CyLab/ECE's David Brumley was featured on an episode of SciTech Now, where he talked about the importance of understanding basic cybersecurity concepts.

CMU Engineering

College of Engineering's 2017 game changers

From engineering new materials to constructing smart systems, researchers in the College of Engineering are innovating for the future. Read some of our highlights from 2017.

CMU Engineering

PPP: The strongest team in DefCon history

CMU’s hacking team won its fourth “World Series of Hacking” title at the DefCon security conference in Las Vegas.

CMU Engineering

Hacking team looks to take unprecedented fourth win at DefCon “World Series of Hacking”

At a time when cybersecurity pervades news headlines on a daily basis, a team of cybersecurity experts from Carnegie Mellon University may grab an unprecedented win this weekend in Las Vegas.

CMU Engineering

Why I am a hacker

Here are a few hackers from CyLab explaining why they hack.

picoCTF featured on WESA

CMU’s picoCTF, a computer security game targeted at middle and high school students, was recently featured on 90.5 WESA. The two-week contest features a series of challenges, which participants must solve either by decryption, breaking, reverse engineering, or hacking—whatever it takes.

CMU Engineering

CMU hackers give a glimpse into the hacker psyche

In this podcast episode, members of PPP share their thoughts on hacking, giving us all a glimpse into the hacker psyche.