Paul is the founder and maintainer of OpenSourceMalware.com, the world's largest open database and collaboration platform for software supply chain threat intel. His day job is Head of Research at Safety, and he is a DevSecOps OG. He loves software supply chain research and delivering supply chain offensive security training and engagements. He’s spent the last two years deep-diving into npm and has made several discoveries about the ecosystem. Paul founded multiple startups starting in the ’90s and has worked for NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, and the Australian government. Paul is a frequent open-source contributor and author of several DevSecOps, software supply chain and threat modelling projects. He’s currently writing a book entitled “Hacking NPM”, and when he’s not doing that, he’s snowboarding with his wife and 3 amazing kids.
Paul McCarty
Opensourcemalware
Paul McCarty at AUSCERT2026