Welcome to Resilient Cyber!
If you’re interested in FREE content around AppSec, DevSecOps, Software Supply Chain and more, be sure to hit the “Subscribe” button below.
Join 5,000+ other readers ensuring a more secure digital ecosystem.
If you’re interested in Vulnerability Management, you can check out my book “Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem” on Amazon. It is focused on infusing efficiency into risk mitigation practices by optimizing resource use with the latest best practices in vulnerability management.
- For those that don't know you or haven't come across you quite yet, can you tell us a bit about your background in tech/cyber and your role with GitHub?
- What exactly is the GitHub Advisory Database and what is the mission of the team there?
- There's been a big focus on vulnerability databases, especially lately with some of the challenges of the NVD. What role do you see among the other vulnerability databases in the ecosystem, including GHAD and how it fits into the ecosystem?
- GitHub has a very unique position, being the most widely used development platform in the world, boasting millions of users. How do you all use that position and the insights from it to help drive vulnerability awareness across the ecosystem?
- There's been a large focus on software supply chain security, including securing OSS. What are your thoughts on these trends and some ways we can combat these risks?
- You're also involved with the CVE program, can you tell us about that?
- We know you collaborate with another group, out of OpenSSF, known as the Vulnerability Disclosure Working Group. What does that group do and what role do you play?
S6E19: Madison Oliver - Open Source & GitHub Advisory Database