andrewpollock/README.md

G'day 👋

I'm an independent generalist technologist with an interest in open source vulnerability management and related software supply chain security.

Most recently, I've worked as a Software Engineer on Google's Open Source Security Team (GOSST) working on OSV.dev.

I'm passionate about a solid foundation of machine-readable vulnerability metadata for known vulnerability detection/remediation/prevention (aka "management").

Pinned

  1. ossf/osv-schema Public

    Open Source Vulnerability schema.

    Go 256 118

  2. google/osv.dev Public

    Open source vulnerability DB and triage service.

    Go 2.8k 336

  3. google/osv-scanner Public

    Vulnerability scanner written in Go which uses the data provided by https://osv.dev

    Go 10.6k 732

  4. github/advisory-database Public

    Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

    2.4k 652

  5. mprpic/cvelint Public

    CLI tool to validate CVE v5 JSON records.

    Go 14 4

  6. ossf/wg-best-practices-os-developers Public

    The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

    JavaScript 1k 202