Andrew Pollock andrewpollock
- OpenSSF
- Brisbane
- 08:38
(UTC +10:00) - in/apollock
- @andrewpollock@mastodon.au
- https://openssf.slack.com/archives/C019Y2A28Q6
- @andrewpollock.bsky.social
Highlights
I'm an independent generalist technologist with an interest in open source vulnerability management and related software supply chain security.
Most recently, I've worked as a Software Engineer on Google's Open Source Security Team (GOSST) working onOSV.dev.
I'm passionate about a solid foundation of machine-readable vulnerability metadata for known vulnerability detection/remediation/prevention (aka "management").
- 🔭 I’m currently working onOSV Schema level things as a community contributor to theOpenSSF's Vulnerability Disclosures Working Group and systemic CVE data quality initiatives via theCVE Program's Quality Working Group (QWG)
- 🌱 I’m currently studying aBachelor of Psychological Science and Counselling at ACAP University College
- 💬 Ask me about my feelings on CVE aggregate data quality/completeness/fitness for purpose
- 😄 Pronouns: he/him
- ⚡ Fun fact: I've been a Linux Systems Administrator, Site Reliability Engineer (Systems Administration), Security Engineer and Software Engineer at Google, spanning two decades in Mountain View, CA and remotely in Brisbane, Australia
PinnedLoading
- google/osv-scanner
google/osv-scanner PublicVulnerability scanner written in Go which uses the data provided by https://osv.dev
- github/advisory-database
github/advisory-database PublicSecurity vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
- ossf/wg-best-practices-os-developers
ossf/wg-best-practices-os-developers PublicThe Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.
If the problem persists, check theGitHub status page orcontact support.
Uh oh!
There was an error while loading.Please reload this page.