Gary McGraw is an American computer scientist, author, and researcher.

McGraw holds a dual PhD in Cognitive Science and Computer Science from Indiana University and a BA in Philosophy from the University of Virginia.^[1] His doctoral dissertation is titled "Letter Spirit: Emergent High-Level Perception of Letters Using Fluid Concepts."^[2]

McGraw was the Vice President of Security Technology at Synopsys.^[3] Before Cigital was acquired by Synopsys, he was Chief Technical Officer at Cigital.^[4] He produced the Silver Bullet Security Podcast for IEEE Security & Privacy magazine (syndicated by informIT). ^[5] Gary McGraw serves on the Dean's Advisory Council for the School of Informatics of Indiana University. He also serves on the advisory boards of several companies,^[6] including Dasient (acquired by Twitter), Fortify Software (acquired by Hewlett-Packard), Max Financial, Invotas, Wall+Main, Invincea (acquired by Sophos), and Raven White. In the past, Gary McGraw has served on the IEEE Computer Society Board of Governors.^{[citation needed]}

Gary is an author of many books and over 100 peer-reviewed publications on IT security.

• Software Security: Building Security In, ISBN 978-0-321-35670-3
• Exploiting Software: How to Break Code (with Greg Hoglund), ISBN 978-0-201-78695-8
• Building Secure Software: How to Avoid Security Problems the Right Way (with John Viega), ISBN 978-0-321-77495-8
• Java Security (with Edward Felten), ISBN 978-0-471-17842-2
• Exploiting Online Games: Cheating Massively Distributed Systems (with Greg Hoglund), ISBN 978-0-13-227191-2
• Software Security Engineering: A Guide for Project Managers (with Julia H. Allen, Sean J. Barnum, Robert J. Ellison, and Nancy R. Mead) ISBN 978-0-321-50917-8
• Software Fault Injection (with Jeffrey M. Voas) ISBN 978-0-471-18381-5
• Securing Java: Getting Down to Business with Mobile Code (with Edward Felten), ISBN 978-0-471-31952-8

• Ben Rothke. "Software Security: Building Security In", Security Management magazine
• Radu State. Review of "Software Security: Building Security In by Gary McGraw", ACM Queue 4(7):44 (2006)
• "Software Security : Building Security In", Palizine, Issue #18 February 2006
• Robert Bruen. "Software Security. Building Security In", Cipher (IEEE magazine), Jan 5, 2006
• Alen Prodan. "Exploiting Software: How to Break Code", Help Net Security, 21 July 2004
• A. Mariën. Review of "Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw", ACM Queue, 3(4):60 (2005)
• Robert Bruen. "Exploiting Software. How to Break Code", Cipher (IEEE magazine), January 13, 2004
• Aleksandar Stancin. "Building Secure Software: How to Avoid Security Problems the Right Way", Help Net Security
• Robert Bruen. "Building Secure Software. How to Avoid Security Problems the Right Way", Cipher (IEEE magazine), January 9, 2002
• Diomidis Spinellis. "Book review: Building Secure Software: how to Avoid Security Problems the Right Way", ACM Computing Reviews, 43(4):103–104, April 2002.

• Gary McGraw's personal home page