Leaving Cigital/Synopsys After 23 Years


After 23 years at the same company, much of which I was a senior executive and member of the Board of Directors, I am leaving Synopsys on January 4th. Here is the message I sent to staff on November 9th after deciding to leave in September.

Please note that my email address is now gem@garymcgraw.com (change in all places).  Learn more at http://garymcgraw.com.

hi everyone,

After 23 years of working for the same company in various forms, I will be departing Synopsys in January. Synopsys has turned out to be a good home for Cigital. I am pleased with the progress SIG has made since the acquisition two years ago and its direct impact on the growth of software security as a field. Business is booming, cranks are cranking, and the field is exploding. All of that notwithstanding, the time has come for me to move on.

Pardon me as I wax nostalgic for a few lines. Here are seven things that stand out in my mind when I think back over the last twenty or so years I spent with you guys. I had a blast:

  • Taking on Sun, Netscape, and Microsoft directly during the Java Security years (1996-1998)
  • Releasing of ITS4 (It’s the Software Stupid Security Scanner) in 2000 — the world’s first code scanner for security
  • Publishing “Building Secure Software” in 2001 (the first book in the world on software security)
  • Licensing the DARPA-sponsored Cigital technology behind Fortify to Kleiner Perkins in 2004
  • Launching Silver Bullet in 2005
  • Creating the BSIMM measurement tool with Sammy and Brian Chess in 2009
  • Selling Cigital to Synopsys in 2016

All of these things required a cast of hundreds of dedicated people. We built the field of software security together. Over the years I have had the distinct pleasure of watching as the ideas behind software security became a reality. Thanks for that.

What will I do next? I will remain a fiercely independent participant in the software security conversation. I will serve as a Technical Advisor and Board member to forward-thinking firms. I will continue to collect data, make measurements, and do science. And I will dust off my machine learning and AI chops and see what happens when those fields intersect software security.

I am not disappearing from the planet, so keep in touch. My website http://garymcgraw.com will stay up to date. My preferred email is now gem@garymcgraw.com


Glass at a Party?!

Leave a comment

Mandatory corporate fun aside, what happens when you bring google glass to a company holiday party?

Your fearless moderator (not glasshole, really)

Your fearless moderator (not a glasshole, really)

First, you get 25 pictures of yourself taken by people trying glass. One for each person who wanted to try. All bad.

Everybody wants to try glass and when they do they take a picture of you.

Everybody wants to try glass and when they do they take a picture of you.

Then you get reactions from the coy to the surprised and everything in between.

We pause this dialog for a word from our sponsors. Don’t forget to join our Cigital Kiva team. Kiva rocks.

Lynn says "Sign up for Kiva!"

Lynn says “Sign up for Kiva!”


Of course the coolest thing about glass at a party is video. We present a small selection for your visual enjoyment.

Verdict? Glass is fun at a party as long as the geek factor is high. Merry new year cigital.

The Apothecary Shed is a Star

Leave a comment

The shed itself is featured in this video in all of its resplendent color. Video by Jack McGraw.

Jack Vids the Tech Fair

Leave a comment

Great trailer for the third annual Cigital Tech Fair.

My Peeps are Nuts (video)

Leave a comment

This surprise video from the Cigital Tech Fair made everyone laugh. Awesome. (Justin White, instigator.)