Closed joshbressers closed 3 years ago
I am unfortunately unable to add a label to this issue (I have no idea why). If someone could lend a hand with the member-nomination label I would appreciate.
@joshbressers welcome to the WG!
@joshbressers Can you create a PR similar to #20 to add yourself to the list of WG members?
I would like to join this working group. My name is Josh Bressers. I head up product security at Elastic (the creators of the ELK stack). I've been involved in open source vulnerability disclosures for a very long time. First for a company named Progeny Linux Systems, then Red Hat, now Elastic. I've helped disclose and coordinate a lot of vulnerabilities over the years (many you've even heard of).
The issue of having a standard format and API for vulnerability disclosure is something I've been working on at Elastic as I see a demand from researchers and customers for this data. (Elastic as a data company happens to be pretty good at solving this particular problem, I'm happy to see a group to collaborate with).
I have a number of connections in the distribution world, the business world, and the composition scanning world. Some of which I've already been talking to about what I'm working on, obviously everyone thinks it's a great idea. It would make sense to get as many of these groups on board with whatever solution we create.
I am a co-host of the open source security podcast. I speak at a few conferences a year (in normal years). I blog and conduct research in my free time about whatever thing happens to spark my interest.
Thanks in advance.