Paul is a subject matter expert in software supply chain offensive operations. He spends his time consulting, conducting vulnerability research and delivering training at security conferences. He founded SecureStack, a pioneering application security posture management (ASPM) company in 2017. More recently, he founded SourceCodeRED, a services and training company that helps orgs address software supply chain risk holistically. Paul has worked for NASA, Boeing, the US military, Queensland government, and GitLab amongst others. Paul is a frequent contributor to open source and is the author of DarkMass, GitHax, The DevSecOps Playbook, and several other open-source projects. He’s also a pretty good snowboarder and most importantly a husband and father to 3 amazing kids.
