Marcus J. Ranum (born November 5, 1962, in
New York City
New York, often called New York City or NYC, is the most populous city in the United States. With a 2020 population of 8,804,190 distributed over , New York City is also the most densely populated major city in the Un ...
,
New York, United States) is a computer and network security researcher. He is credited with a number of innovations in
firewalls, including building the first Internet email server for the
whitehouse.gov domain, and
intrusion detection system
An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically rep ...
s. He has held technical and leadership positions with a number of computer security companies, and is a faculty member of the
Institute for Applied Network Security.
Education
Marcus Ranum was born in New York City, and graduated from
Gilman School
Gilman School is an all-boys independent school located in the Roland Park neighborhood of Baltimore, Maryland. There are three school divisions: Lower School, grades pre-kindergarten through five; Middle School, grades six through eight; and Up ...
in
Baltimore, Maryland
Baltimore ( , locally: or ) is the List of municipalities in Maryland, most populous city in the U.S. state of Maryland, fourth most populous city in the Mid-Atlantic (United States), Mid-Atlantic, and List of United States cities by popula ...
before attending
Johns Hopkins University
Johns Hopkins University (Johns Hopkins, Hopkins, or JHU) is a private research university in Baltimore, Maryland. Founded in 1876, Johns Hopkins is the oldest research university in the United States and in the western hemisphere. It consi ...
where he obtained a Bachelor of Arts in
Psychology
Psychology is the scientific study of mind and behavior. Psychology includes the study of conscious and unconscious phenomena, including feelings and thoughts. It is an academic discipline of immense scope, crossing the boundaries between ...
in 1985.
Career
Ranum helped design and implement
Digital Equipment Corporation
Digital Equipment Corporation (DEC ), using the trademark Digital, was a major American company in the computer industry from the 1960s to the 1990s. The company was co-founded by Ken Olsen and Harlan Anderson in 1957. Olsen was president un ...
's Secure External Access Link (SEAL) (later
AltaVista
AltaVista was a Web search engine established in 1995. It became one of the most-used early search engines, but lost ground to Google and was purchased by Yahoo! in 2003, which retained the brand, but based all AltaVista searches on its own sear ...
firewall), regarded as the first commercial bastion host firewall, in 1990. He left DEC to work for
Trusted Information Systems
Trusted Information Systems (TIS) was a computer security research and development company during the 1980s and 1990s, performing computer and communications (information) security research for organizations such as NSA, DARPA, ARL, AFRL, SPAWAR ...
(TIS) as chief scientist and development manager for Internet security products. It was at TIS that Ranum became responsible for the whitehouse.gov Internet email site. Once charged with that responsibility, Ranum advocated that the
whitehouse.com domain be registered as well. Despite his advice, it was not registered by the government, but was later registered for an
adult entertainment provider. At TIS, he developed the TIS Internet Firewall Toolkit (fwtk) under a grant from
DARPA
The Defense Advanced Research Projects Agency (DARPA) is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military.
Originally known as the Ad ...
. After TIS, he worked for V-One as chief scientist, and was extensively involved in that company's
IPO
An initial public offering (IPO) or stock launch is a public offering in which shares of a company are sold to institutional investors and usually also to retail (individual) investors. An IPO is typically underwritten by one or more investment ...
. Three months after that IPO, Ranum formed his own company, Network Flight Recorder (NFR), and served as
CEO for three years before stepping into a
CTO role. Ranum later left NFR to consult for TruSecure, before joining Tenable Network Security as
CSO.
In addition to his various full-time positions, Ranum has also held board or advisory positions at NFR Security, Protego Networks, and
Fortify Software
Fortify Software, later known as Fortify Inc., is a California-based software security vendor, founded in 2003 and acquired by Hewlett-Packard in 2010, Micro Focus in 2017, and OpenText in 2022.
Fortify offerings included Static application secu ...
.
Public presentations
Ranum has spoken to
USENIX audiences at LISA 1997, 1999 (tutorial) LISA 2000 (keynote), 2002, and 2003 (tutorial). He spoke out against full disclosure at the Black Hat Security Briefings in 2000. More recently, Ranum has spoken at Interop in 2005 and 2007, CanSecWest in 2010, and Secure360 in 2011.
He previously taught courses for the
SANS Institute
The SANS Institute (officially the Escal Institute of Advanced Technologies) is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for t ...
.
Influence
Ranum's work has been cited in at least 15 published
U.S. patents, as well as numerous other computer and network security articles and books.
"Ranum's Law"
Ranum is cited
as the author of an
eponym
An eponym is a person, a place, or a thing after whom or which someone or something is, or is believed to be, named. The adjectives which are derived from the word eponym include ''eponymous'' and ''eponymic''.
Usage of the word
The term ''epon ...
ous law, "You can't solve social problems with software."
Awards
* TISC "clue" award, 2000.
* Inducted into the
ISSA hall of fame, 2000 or 2001.
* Techno-Security Professional of the Year, 2005.
Publications
Articles
Marcus has co-authored a series of "Face Off" articles with
Bruce Schneier
Bruce Schneier (; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman Klein Cente ...
, which have appeared approximately bi-monthly in Information Security Magazine since July, 2006.
Ranum is one of a number of editors of the
SANS Newsbites semiweekly email newsletter.
*
*
*
*
*
*
Books
*''The Myth of Homeland Security''.
*''Host Intrusion Monitoring Using Osiris and Samhain'' with Brian Wotring and Bruce Potter.
*''Web Security Sourcebook'' with
Aviel D. Rubin and
Dan Geer.
Personal life
Currently, Ranum lives in
Morrisdale, Pennsylvania
Morrisdale is a census-designated place located in Morris Township, Clearfield County, in the state of Pennsylvania. As of the 2020 census, the population was 684.https://data.census.gov/all?q=Morrisdale+CDP,+Pennsylvania
Its location is appro ...
. His hobbies include photography and
firearms. He maintains an active stock photography account on
DeviantArt
DeviantArt (historically stylized as deviantART) is an American online art community that features artwork, videography and photography, launched on August 7, 2000 by Angelo Sotira, Scott Jarkoff, and Matthew Stephens among others.
DeviantArt, ...
, and he wrote an essay for Oleg Volk's pro-firearms site
www.a-human-right.com Marcus Ranum was also interviewed by digital artis
Brandon Pencefor the NWFLAA which can be read in 2 parts
Part 1an
Part 2 He is an atheist, maintaining a blog on the Freethought Blogs network.
References
External links
Marcus Ranum's personal websiteSecurity Solutions profile of Ranum (2006-12-01)Ranum interview with IEEE Security and Privacy magazine (2006-09-01)Ranum interview with SecurityFocus (2005-06-21)Ranum's DeviantArt website (stock)Ranum's DeviantArt website (portfolio)DojoSec Lecture — March 2009 — Ranum's discussing the failure of the notion of Cyber-warfare
{{DEFAULTSORT:Ranum, Marcus J.
1962 births
Living people
People associated with computer security
Usenet people
Digital Equipment Corporation people
American atheists
American computer specialists