The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
My name is Nicole Schwartz and I am part of the GitLab Secure stage (specifically - Software Composition Analysis group). Outside of work I am part of an IoT research project (IoD), board member and temporary deputy-COO of the Diana Initiative information security conference, a staff member of SkyTalks (Def Con village), and a long time hacker / information security enthusiast.
I'm always very interested in improving process for systems so that all participants know what is expected and can contribute more effectively, especially around vulnerability disclosures.
I'd like to participate in the vulnerability disclosure working group, which matches up with my groups areas of open source and security.
Hello,
My name is Nicole Schwartz and I am part of the GitLab Secure stage (specifically - Software Composition Analysis group). Outside of work I am part of an IoT research project (IoD), board member and temporary deputy-COO of the Diana Initiative information security conference, a staff member of SkyTalks (Def Con village), and a long time hacker / information security enthusiast.
I'm always very interested in improving process for systems so that all participants know what is expected and can contribute more effectively, especially around vulnerability disclosures.
I'd like to participate in the vulnerability disclosure working group, which matches up with my groups areas of open source and security.
Thank you,
Nicole
PR https://github.com/ossf/wg-vulnerability-disclosures/pull/43