Brian Caswell

About

Brian joined Microsoft Research in July of 2018.  Brian is the development lead for Project Freta (opens in new tab), a project for detecting evidence of OS and sensor sabotage in memory snapshots of live systems, and the author of AVML (opens in new tab), an open-source memory acquisition tool for Linux.   Brian was the architect for Project Onefuzz (opens in new tab), a project that enables continuous developer-driven fuzzing to proactively harden software prior to release (used by Windows (opens in new tab) and Edge (opens in new tab) teams) until it successfully graduated from a research project to a fully funded effort in the Windows organization.

Prior to joining Microsoft in July of 2018, Brian was the principal investigator or co-principal investigator on numerous DARPA programs including SAFER (opens in new tab) (resilient communications) ICAS (opens in new tab) (tactical systems information analysis), CGC (opens in new tab) (the first fully autonomous cyberwar exercise), and was an architectural lead for Plan-X (opens in new tab) (foundational cyber warfare platform).  Earlier in his career, Brian was the primary author for the most widely used intrusion detection ruleset as part of the Snort Project (opens in new tab) and was an early contributor to MITRE’s CWE (opens in new tab).

Brian is a member of Sk3wl of r00t (opens in new tab) (with two DEFCON black badges (opens in new tab)), the Shmoo Group (opens in new tab), and Order of Defense in the Society for Creative Anachronism (opens in new tab), and is active in the Western Marshal Arts (opens in new tab) community.