I am a faculty member of the Computer Science Department at the University of California in Santa Barbara.
My research focuses on web security, vulnerability analysis, malware countermeasures, and intrusion detection.
I am co-director of the Security Lab. I am also part of the International Security Lab and of the Shellphish and Epic Fail hacker groups.
I am one of the founders of WebWise Security, Inc., a Santa Barbara-based security consulting firm that provides security solutions, vulnerability assessment, penetration testing, and source code analysis services to clients world-wide.
Every year, I organize the International Capture The Flag (iCTF), the world's largest hacking competition.
Contact Information
- Address
-
Giovanni Vigna
Department of Computer Science
University of California, Santa Barbara
Santa Barbara, CA 93106-5110, USA - Skype
- ID: Giovanni.Vigna
- vigna@cs.ucsb.edu
- Web
- http://www.cs.ucsb.edu/~vigna
- Office
- Engineering I (Harold Frank Hall), Room 2159 (office) or Room 2114 (lab)
- Bio
- Short version, longer version
- Public key
- PGP key
News
- Oct 2, 2009: Our research on drive-by-download attacks was discussed on MIT's Technology Review.
- Aug 2, 2009: Our team Shellphish participated to the DefCon CTF.
- May 4, 2009: Our report on hijacking and analyzing the Torpig botnet was featured on Slashdot an then covered by the international press.
- 27 April 2009: The research of a team from the SecLab (Marco Cova, Davide Balzarotti, and me) was featured in the May 2009 edition of Scientific American. The research mentioned is described in the paper "ClearShot: Eavesdropping on Keyboard Input from Video", which was published in the Proceedings of the IEEE Symposium on Security and Privacy Oakland, in 2008.
- 20 April 2009: Check out Wepawet, a malicious JavaScript/Flash analyzer. You can submit a URL to the system and find out if the associated web site is performing attacks against your browser.