I was a co-founder and the Chief Scientist at Intrinsic a web-security startup (acquired by VMWare). I also spent a bit of time on the W3C WebAppSec and Node.js Security Working Groups.
Prior to UCSD, I was also an instructor and teaching assistant for several courses at Stanford and Cooper.
Below you will find most papers I've worked on. DBLP has a slightly more complete list.
The following three papers are representative: