Directory

David Brumley is a professor in the Electrical and Computer Engineering Department at Carnegie Mellon University with an additional courtesy in the Computer Science Department. He was previously the director of CyLab, the CMU Security and Privacy Institute. His research focuses on software security.

Brumley received his Ph.D. in Computer Science from Carnegie Mellon University, an M.S. in Computer Science from Stanford University, and a B.A. in Mathematics from the University of Northern Colorado. He served as a computer security officer for Stanford University from 1998-2002 and handled thousands of computer security incidents in that capacity. He is the faculty mentor for the Carnegie Mellon Hacking Team Plaid Parliament of Pwning (PPP), which is ranked internationally as one of the top teams in the world according to ctftime.org. The team was ranked #1 in 2011, #2 in 2012, and #1 in 2013, and won DefCon 2013. Brumley received the USENIX Security Best Paper Award in 2003 and 2007, and an ICSE Distinguished Paper Award in 2014.<

Brumley’s honors include being selected for the 2010 DARPA CSSP program and 2013 DARPA Information Science and Technology Advisory Board, a 2010 NSF CAREER award, a 2010 United States Presidential Early Career Award for Scientists and Engineers (PECASE) from President Obama (the highest award in the US for early career scientists), and a 2013 Sloan Foundation Award.

Office
2202 Collaborative Innovation Center
Phone
412.268.3851
Email
dbrumley@cmu.edu
Google Scholar
David Brumley
Websites
David Brumley's website

Network Security: Protecting Today's Computers

Education

2008 Ph.D., Computer Science, Carnegie Mellon University

2003 MS, Computer Science, Stanford University

1998 BA, Mathematics, University of North Colorado

Affiliations

Media mentions


Dark Reading

Brumley quoted on cybersecurity

ECE/CyLab’s David Brumley was quoted in Dark Reading on getting started in cybersecurity.

Security Magazine

Brumley interviewed on security competitions

CyLab’s David Brumley was interviewed by Security Magazine on Capture the Flag cybersecurity competitions.

Tech Republic

Brumley interviewed on fuzzing

CyLab’s David Brumley was interviewed by Tech Republic on fuzzing.

CyLab Security and Privacy Institute

Carnegie Mellon hacking team finishes 2nd at DefCon

Carnegie Mellon University’s competitive hacking team, the Plaid Parliament of Pwning (PPP), finished in 2nd place in the “Capture the Flag” competition—widely referred to as “The Olympics of Hacking”—at this year’s DefCon security conference.

Tech Republic

Brumley interviewed about DevSecOps

ECE/CyLab’s David Brumley was interviewed in Tech Republic about DevSecOps, an application from his company, ForAllSecure.

WIRED

Brumley quoted on online security

CyLab/ECE’s David Brumley was quoted in Wired on online security and his tool, Mayhem.

NBC News Bay Area

Brumley discusses vulnerabilities, patches, and national security

In a roundtable discussion on NBC News Bay Area, ECE/CyLab’s David Brumley offered his insights on the state of national security in a digitally vulnerable world. “Cybersecurity is a relatively young field, so we’re continuing to learn,” he said. “People are realizing that it’s about the speed of reaction. If someone says, ‘We’re better prepared,’ that’s both, ‘We’re more secure,’ and ‘We can more quickly respond.’”

CMU Engineering

CMU crowned hacking champs for fifth time in seven years

Carnegie Mellon University’s competitive hacking team, the Plaid Parliament of Pwning (PPP), just won its fifth hacking world championship in seven years at this year’s DefCon security conference.

CyLab Security and Privacy Institute

CMU crowned hacking champs for fifth time in seven years

Carnegie Mellon University’s competitive hacking team, the Plaid Parliament of Pwning (PPP), just won its fifth hacking world championship in seven years at this year’s DefCon security conference.

CyLab Security and Privacy Institute

First round of Secure and Private IoT Initiative funded projects announced

CyLab’s Secure and Private IoT Initiative (IoT@CyLab) has broken ground as the first round of funded proposals have been announced. Twelve selected projects will be funded for one year, and results will be presented at the IoT@CyLab annual summit next year.

The Washington Post

Brumley on Nielsen’s departure and cybersecurity

In an article from The Washington Post, cybersecurity experts discussed the consequences of Kirstjen Nielsen’s ouster from the Department of Homeland Security. “Nielsen’s departure is another sad indication that the government lacks the will to make real cybersecurity and safety improvements,” said ECE’s David Brumley.

The Washington Post

Brumley on offensive cyber operations

ECE/CyLab’s David Brumley was interviewed by the The Washington Post about the Trump administration’s goal for loosening constraints on offensive cyber operations. He believes the move is “common sense” on an operational level.