Welcome! Hola! Hallo! Bonjour! Ciao! Cześć! Konnichiwa! Huānyíng!
🔭 In Open Source, I’m actively working on the OWASP sbom-utility project I created and donated to the OWASP Foundation
🔧 IBM Contributor at the Open Source Security Foundation (OpenSSF)
🔧 Maintainer, Committer at the Open Worldwide Application Security Project (OWASP)
🌱 I’m currently all over enhancing/improving the OWASP CycloneDX specification as well as studying how to improve OWASP Dependency Track project for our CIO/CISO teams
👴 I’ve formerly chaired the Apache OpenWhisk project from incubator to graduation and contributed to the CD Foundation Tekton project
👯 I’m looking to collaborate on CI/CD and Serverless projects for DevSecOps
🤔 I’m hoping to create reusable CI/CD workflows/profiles for DevSecOps
💬 Ask me about Ohio State! ⭕ 🙌 ❗ ⭕
📫 How to reach me: Email or Slack
⚡ Fun fact: Worked on Skynet AI for the US Navy in the late 80s.. buy me a mead sometime ;)
Foundations
OWASP Foundation
OWASP Foundation, Maintainer, Contributor
Specification maintainer for CycloneDX including workign groups for v1.5: Attestations, Machine Learning (ML), Manufacturing (Formulation) as well as the Software Component Verification Standard (SCVS)
Author of the v1.5 Manufacturing BOM (MBOM) proposal/schema/guide; you an even see my quote in the announcement: https://cyclonedx.org/news/cyclonedx-v1.5-released/
Creator/Maintainer CycloneDX Tool sbom-utility, Maintainer CycloneDX Tool "license-scanner"
Course Author
edX: Building Cloud Native and Multicloud Applications
Coursera: Building Cloud Native and Multicloud
Covers core concepts and practices of building and running Cloud Native applications and how to run these applications in a multicloud environment including DevSecOps, CI/CD, Docker, Kubernetes, and OpenShift.
Badges Developer Profession - Level 3 Expert IBM Open Source Strategic Committer IBM Quantum IBM Quantum IBM Cloud Kubernetes Service IBM Cloud Essentials IBM Building Cloud Native & Multicloud Applications