- 🔭 In Open Source, I’m actively working on the OWASP sbom-utility project I created and donated to the OWASP Foundation
- 🔧 IBM Contributor at the Open Source Security Foundation (OpenSSF)
- 🔧 Maintainer, Committer at the Open Worldwide Application Security Project (OWASP)
- 🌱 I’m currently all over enhancing/improving the OWASP CycloneDX specification as well as studying how to improve OWASP Dependency Track project for our CIO/CISO teams
- 👴 I’ve formerly chaired the Apache OpenWhisk project from incubator to graduation and contributed to the CD Foundation Tekton project
- 👯 I’m looking to collaborate on CI/CD and Serverless projects for DevSecOps
- 🤔 I’m hoping to create reusable CI/CD workflows/profiles for DevSecOps
- 💬 Ask me about Ohio State! ⭕ 🙌 ❗ ⭕
- 📫 How to reach me: Email or Slack
- ⚡ Fun fact: Worked on Skynet AI for the US Navy in the late 80s.. buy me a mead sometime ;)
- OWASP Foundation, Maintainer, Contributor
- Specification maintainer for CycloneDX including workign groups for v1.5: Attestations, Machine Learning (ML), Manufacturing (Formulation) as well as the Software Component Verification Standard (SCVS)
- Author of the v1.5 Manufacturing BOM (MBOM) proposal/schema/guide; you an even see my quote in the announcement: https://cyclonedx.org/news/cyclonedx-v1.5-released/
- Creator/Maintainer CycloneDX Tool sbom-utility, Maintainer CycloneDX Tool "license-scanner"
- edX: Building Cloud Native and Multicloud Applications
- Coursera: Building Cloud Native and Multicloud
- Covers core concepts and practices of building and running Cloud Native applications and how to run these applications in a multicloud environment including DevSecOps, CI/CD, Docker, Kubernetes, and OpenShift.
|
|
|
|
|
|
|
|