I'm an independent generalist technologist with an interest in open source vulnerability management and related software supply chain security.
Most recently, I've worked as a Software Engineer on Google's Open Source Security Team (GOSST) working on OSV.dev.
I'm passionate about a solid foundation of machine-readable vulnerability metadata for known vulnerability detection/remediation/prevention (aka "management").
- ๐ญ Iโm currently working on OSV Schema level things as a community contributor to the OpenSSF's Vulnerability Disclosures Working Group and systemic CVE data quality initiatives via the CVE Program's Quality Working Group (QWG)
- ๐ฑ Iโm currently studying a Bachelor of Psychological Science and Counselling at ACAP University College
- ๐ฌ Ask me about my feelings on CVE aggregate data quality/completeness/fitness for purpose
- ๐ Pronouns: he/him
- โก Fun fact: I've been a Linux Systems Administrator, Site Reliability Engineer (Systems Administration), Security Engineer and Software Engineer at Google, spanning two decades in Mountain View, CA and remotely in Brisbane, Australia