Google : September 2014 - Current
Location
New York, NY, Seattle, WA
Title
Senior Software Engineer
Summary
Kythe - Most recently working on the client-data interface to simplify
usage of Kythe data while also enabling easier feature development and deployment in Kythe.
Android Studio - I worked on the
Bazel plugin for Android Studio.
I was one of the early developers that helped bridge the Bazel project model and the
IntelliJ project model to make the plugin possible.
IBM : January 2011 - August 2014
Location
Hawthorne, NY
Title
Software Engineer
Summary
Worked on analyses targeted at improving
mobile application development. Specifically, worked on analyses for JavaScript, Android (Java),
and Java to detect security and reliability problems. Was technical lead for JavaScript analyses.
Primary Language Used
Java
IBM Research : June 2010 - January 2011
Location
Hawthorne, NY
Title
Intern, worked with Marco Pistoia
Summary
I worked on precise JavaScript and Java analyses.
During the course of the internship I developed several analyses to detect or prevent security problems in
several web languages. One of the analyses I developed was Actarus, which was a precise tainting
analysis for JavaScript.
Primary Language Used
Java
Microsoft Research : October 2008 - February 2009
Location
Redmond, WA
Title
Intern, worked with Ben Livshits
Summary
I developed Gatekeeper, a tool that statically
analyzes JavaScript widgets to identify possible security or reliability problems. The tool was aimed at
widgets that were present on the live.com web portal. Gatekeeper was designed to execute on a widget
after it was submitted but before the widget was listed in a directory of available widgets. Gatekeeper
was designed to ensure unreliable widgets would not make it to the directory of downloadable widgets. I
was responsible for creating, testing, and improving the tool. I was also partially responsible for the
tool's technical report and presentation at meetings and talks.
Primary Language Used
C#
Andromeda: Accurate and Scalable Security Analysis of Web Applications
Omer Tripp, Marco Pistoia, Patrick Cousot, Radhia Cousot, Salvatore Guarnieri
FASE 2013
Saving the World Wide Web from Vulnerable JavaScript
Salvatore Guarnieri, Marco Pistoia, Omer Tripp, Julian Dolby, Stephen Teilhet, Ryan Berg
ISSTA 2011
Gatekeeper: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code
Salvatore Guarnieri, Ben Livshits.
USENIX Security 2009
Automatically Hardening Web Applications Using Precise Tainting
Anh Nguyen-Tuong, Salvatore Guarnieri, Doug Greene, Jeffrey Shirley and David Evans.
IFIP International Information Security Conference 2005