Paul is a DevSecOps OG and spends most of his time red teaming the software supply chain and conducting vulnerability research. He was also the founder of SecureStack, a cloud-native software supply chain security startup. Paul has worked for NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, and the Australian government. More recently Paul started SourceCodeRED.com as a way to facilitate his commercial and free training products.  Paul is a frequent contributor to open source and is the author of the DevSecOps Playbook, Visualizing Software Supply Chain, TVPO threat modelling framework and several other open-source projects. He’s also a pretty good snowboarder and most importantly a husband and father to 3 amazing kids.