Paul is a DevSecOps evangelist and has built a reputation for delivering offensive security functions for (and against!) the software supply chain. He founded SecureStack, a pioneering cloud-native software supply chain security startup in 2017. More recently, he's founded SourceCodeRED a services and training company that helps orgs address software supply chain risk. Paul has worked for NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, GitLab and the Australian government amongst others. Paul is a frequent contributor to open source and is the author of the DevSecOps Playbook, TVPO threat modelling framework, and many other open-source projects. He’s also a pretty good snowboarder and most importantly a husband and father to 3 amazing kids.
