Principal Software Development Engineer at Microsoft
Seattle, Washington, United States
Join Prog.AI to see contacts
Join Prog.AI to see contacts
Summary
🤩
Rockstar
🎓
Top School
Gabriel Stocco is a Principal Software Development Engineer at Microsoft with a decade of experience building open-source security tooling and hardening developer workflows. He leads backend and DevOps efforts on high-impact projects such as DevSkim, Application Inspector, and Attack Surface Analyzer, focusing on performance, multithreading reliability, dependency hygiene, and pragmatic security features like suppression comments and unreadable-file handling. With a Ph.D. in Computer Engineering from Dartmouth and a background in platform security and TPM program management, he combines deep research grounding with production-grade engineering. Based in Seattle, he’s known for quietly improving CI pipelines and parallelizing analysis engines to make large-scale static analysis both faster and more maintainable.
10 years of coding experience
9 years of employment as a software developer
BA, Computer Science, BA, Computer Science at Bard College at Simon's Rock
BE, Computer Engineering, BE, Computer Engineering at Dartmouth College
Doctor of Philosophy (Ph.D.), Computer Engineering, Doctor of Philosophy (Ph.D.), Computer Engineering at Thayer School of Engineering at Dartmouth
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Role in this project:
Back-end & DevOps Engineer
Contributions:3 releases, 97 reviews, 120 commits in 2 years 10 months
Contributions summary:Gabriel primarily contributed to dependency updates and performance improvements within the `microsoft/applicationinspector` repository. These contributions included upgrading dependencies, removing redundancies, and streamlining code for efficiency gains. The user also implemented performance enhancements by parallelizing analysis and extraction processes, and improving multithreaded reliability. They also added improvements to the CI pipeline with a focus on automation and code quality.
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
Role in this project:
Back-end Developer & Security Engineer
Contributions:18 releases, 67 reviews, 274 commits in 3 years
Contributions summary:Gabriel primarily contributed to enhancing the DevSkim CLI tool by adding functionality to handle various security-related issues. Their work included implementing features to skip unreadable files, merging branches, and introducing suppression comment functionality. In addition, the user focused on upgrading dependencies related to security, and refactoring existing features, indicating a focus on code maintainability, security and performance enhancements.
lintervisual-studio-extensionsdlsecuritylinting
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Gabriel Stocco - Principal Software Development Engineer at Microsoft