Salvatore Guarnieri

salvatore.guarnieri@gmail.com
http://www.sammyg.org
https://github.com/salguarnieri (but most work is internal at Google)
Education
The University of Washington : September 2006 - June 2010
Degree
Masters of Science in Computer Science

Location
Seattle, WA

Area of Research
Program Analysis for Web Languages

The University of Virginia : September 2002 - May 2006
Degree
Bachelor of Science

Location
Charlottesville, VA

Major
Computer Science (Computer Graphics and Computer Security concentration)

Minor
Biomedical Engineering

Work Experience
Google : September 2014 - Current
Location
New York, NY, Seattle, WA

Title
Senior Software Engineer

Summary
Kythe - Most recently working on the client-data interface to simplify usage of Kythe data while also enabling easier feature development and deployment in Kythe.
Android Studio - I worked on the Bazel plugin for Android Studio. I was one of the early developers that helped bridge the Bazel project model and the IntelliJ project model to make the plugin possible.

IBM : January 2011 - August 2014
Location
Hawthorne, NY

Title
Software Engineer

Summary
Worked on analyses targeted at improving mobile application development. Specifically, worked on analyses for JavaScript, Android (Java), and Java to detect security and reliability problems. Was technical lead for JavaScript analyses.

Primary Language Used
Java

IBM Research : June 2010 - January 2011
Location
Hawthorne, NY

Title
Intern, worked with Marco Pistoia

Summary
I worked on precise JavaScript and Java analyses. During the course of the internship I developed several analyses to detect or prevent security problems in several web languages. One of the analyses I developed was Actarus, which was a precise tainting analysis for JavaScript.

Primary Language Used
Java

Microsoft Research : October 2008 - February 2009
Location
Redmond, WA

Title
Intern, worked with Ben Livshits

Summary
I developed Gatekeeper, a tool that statically analyzes JavaScript widgets to identify possible security or reliability problems. The tool was aimed at widgets that were present on the live.com web portal. Gatekeeper was designed to execute on a widget after it was submitted but before the widget was listed in a directory of available widgets. Gatekeeper was designed to ensure unreliable widgets would not make it to the directory of downloadable widgets. I was responsible for creating, testing, and improving the tool. I was also partially responsible for the tool's technical report and presentation at meetings and talks.

Primary Language Used
C#

Selected Publications
Andromeda: Accurate and Scalable Security Analysis of Web Applications
Omer Tripp, Marco Pistoia, Patrick Cousot, Radhia Cousot, Salvatore Guarnieri
FASE 2013
Saving the World Wide Web from Vulnerable JavaScript
Salvatore Guarnieri, Marco Pistoia, Omer Tripp, Julian Dolby, Stephen Teilhet, Ryan Berg
ISSTA 2011
Gatekeeper: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code
Salvatore Guarnieri, Ben Livshits.
USENIX Security 2009
Automatically Hardening Web Applications Using Precise Tainting
Anh Nguyen-Tuong, Salvatore Guarnieri, Doug Greene, Jeffrey Shirley and David Evans.
IFIP International Information Security Conference 2005