The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
Hi, I work on WhiteSource's "Software Composition Analysis" products with a particular focus on developer solutions. I joined WhiteSource last year via the acquisition of an open source dependency updating tool I built called Renovate Bot which now powers WhiteSource's "Remediate" product for vulnerability remediation. This group therefore matches very closely with the topics I spend most of my time on in recent years.
Hi, I work on WhiteSource's "Software Composition Analysis" products with a particular focus on developer solutions. I joined WhiteSource last year via the acquisition of an open source dependency updating tool I built called Renovate Bot which now powers WhiteSource's "Remediate" product for vulnerability remediation. This group therefore matches very closely with the topics I spend most of my time on in recent years.