Arnaud Le Hors
OpenSSF TAC Vice Chair & Senior Technical Staff Member - Open Technologies, IBM
Arnaud Le Hors is Senior Technical Staff Member of Open Technologies at IBM, working on a range of technologies with a primary focus on Open Source supply chain security. Arnaud has been working on standards and open source for over 30 years, both as a staff member of the X Consortium and W3C, and as a representative for IBM.
Arnaud Le Hors is Senior Technical Staff Member of Open Technologies at IBM, working on a range of technologies with a primary focus on Open Source supply chain security. Arnaud has been working on standards and open source for over 30 years, both as a staff member of the X Consortium and W3C, and as a representative for IBM. He has been involved in every aspect of the open technology development process: technical, strategic, political, and legal. Arnaud was editor of several key web specifications including HTML and DOM and was a pioneer of open source with the release of libXpm in 1990. Arnaud has participated in several prominent open source projects including the X Window System and Xerces, the Apache XML parser. Arnaud is the main representative for IBM at W3C and INCITS, a member of the Hyperledger Technical Oversight Committee and contributor to OpenSSF.
Bob Callaway
Tech Lead & Manager, Google Open Source Security Team
Bob is the tech lead & manager of the supply chain integrity group in Google's Open Source Security Team. He and his team directly contribute to critical OSS secure software supply chain projects (including sigstore that he co-founded), as well as help drive adoption of best practices throughout the broader open source ecosystem.
Bob Callaway is the technical lead and manager of the supply chain integrity group in Google’s Open Source Security Team. He and his team directly contribute to critical secure supply chain projects and drive communication & adoption of best practices throughout the open source ecosystem. Bob is a member of the Technical Advisory Council for sigstore, a Linux Foundation / OpenSSF set of projects focused on improving transparency and UX of software supply chains. Before joining Google in 2021, Bob was a member of Red Hat’s Office of the CTO where he was responsible for emerging technology strategy with strategic partners (including IBM) and a principal architect at NetApp where he focused on contributions to OpenStack and storage automation projects. He holds a PhD in Computer Engineering from NC State University where he also serves as an adjunct assistant professor in the ECE department.
Dan Appelquist
Open Source Strategist, Samsung
Dan Appelquist is an Open Source Strategist for Samsung's Open Source Group. He is an advocate for open source & open standards and has been an active contributor to the OpenSSF since 2022. He also co-chairs the World Wide Web Consortium’s Technical Architecture Group (one of the W3C’s two elected leadership groups). Previously, Dan has led web developer advocacy at Samsung Internet as well as open source and open standards initiatives at Snyk, Telefónica, Vodafone,
Dan Appelquist is an Open Source Strategist for Samsung’s Open Source Group. He is an advocate for open source & open standards and has been an active contributor to the OpenSSF since 2022. He also co-chairs the World Wide Web Consortium’s Technical Architecture Group (one of the W3C’s two elected leadership groups). Previously, Dan has led web developer advocacy at Samsung Internet as well as open source and open standards initiatives at Snyk, TelefĂłnica, Vodafone, and the UK Government. He was also a board member to for the JS Foundation for Samsung, where he played an instrumental role in creating the OpenJS Foundation.Â
Jautau “Jay” White
Open Source Software and Supply Chain Security Strategy, Microsoft
Jautau “Jay” White is a seasoned Information Security executive with over 15 years of leadership experience. He excels in building world-class teams and developing high-impact programs that effectively reduce compliance risks and strengthen Information Security and Cybersecurity measures. Jay is known for his people-centric approach, often evangelizing Information Security as a vital business function. This approach has been instrumental in gaining buy-in and influencing adoption at all organizational levels.
Jautau “Jay” White is a seasoned Information Security executive with over 15 years of leadership experience. He excels in building world-class teams and developing high-impact programs that effectively reduce compliance risks and strengthen Information Security and Cybersecurity measures. Jay is known for his people-centric approach, often evangelizing Information Security as a vital business function. This approach has been instrumental in gaining buy-in and influencing adoption at all organizational levels.
His passion for empowering his team is evident. Jay ensures that his team is equipped with the right tools for growth, engagement, and preparedness for any challenge. His educational background is extensive and impressive, holding a PhD, MBA, and MS, along with numerous professional certifications in Information Security and IT, such as CISM, CISSP-ISSAP, CDPSE, CCNA, and ITIL.
Jay’s expertise is not limited to technical skills; he is fluent in Spanish and possesses a deep understanding of agile SDLC processes. He is reputed for his ability to connect enterprise-wide teams and bridge gaps, making him a valuable asset to any organization. His leadership style and professional acumen position him as a prominent figure in the field of Information Security.
Marcela Melara
Research Scientist, Intel Labs
Dr. Marcela Melara is a Research Scientist in the Security and Privacy group at Intel Labs. Her research focuses on solutions for trustworthy distributed systems, and she leads a number of internal, academic and open-source efforts on software supply chain security. Marcela’s work appears in various publications, conferences and patents, and has been adopted in several open-source and commercial software products.
Dr. Marcela Melara is a Research Scientist in the Security and Privacy group at Intel Labs. Her research focuses on solutions for trustworthy distributed systems, and she leads a number of internal, academic and open-source efforts on software supply chain security. Marcela’s work appears in various publications, conferences and patents, and has been adopted in several open-source and commercial software products.
Michael Lieberman
Co-Founder & CTO, Kusari
Michael Lieberman is co-founder and CTO of Kusari. His passion is in applying his expertise to use cases where privacy and security are paramount. Mostly recently he has been focused on work within the software supply chain security space. He is also highly committed to open-source, having co-created projects like GUAC and FRSCA, along with having co-lead white papers like the CNCF’s Secure Software Factory Reference Architecture.
Michael Lieberman is co-founder and CTO of Kusari. His passion is in applying his expertise to use cases where privacy and security are paramount. Mostly recently he has been focused on work within the software supply chain security space. He is also highly committed to open-source, having co-created projects like GUAC and FRSCA, along with having co-lead white papers like the CNCF’s Secure Software Factory Reference Architecture. He is an OpenSSF SLSA steering committee member, tech lead for the CNCF Security Technical Advisory Group (STAG), and formerly co-chaired the CNCF FinServ User Group. His career has led him from startups to multinational financial institutions and everything in between.
Sarah Evans
Security Research Technologist, Dell Technologies
Sarah Evans is a dynamic and inspiring figure in the field of cybersecurity with the aim of advancing Open Source Software (OSS) security. At Dell, Sarah has been instrumental in cybersecurity innovation, conducting research within the global CTO R&D organization. Her career spans pivotal roles, including being an enterprise security architect and engaging in Identity and Access Management and IT at prestigious organizations like Wells Fargo and the U.S. Air Force.
Sarah Evans is a dynamic and inspiring figure in the field of cybersecurity with the aim of advancing Open Source Software (OSS) security. At Dell, Sarah has been instrumental in cybersecurity innovation, conducting research within the global CTO R&D organization. Her career spans pivotal roles, including being an enterprise security architect and engaging in Identity and Access Management and IT at prestigious organizations like Wells Fargo and the U.S. Air Force. Remarkably, Sarah has balanced her experience in large enterprises with impactful contributions in smaller regional companies, demonstrating her versatility and commitment to enhancing cybersecurity across various scales.
Zach Steindler
OpenSSF Interim TAC Chair and Principal Engineer, GitHub
Zach first got involved in securing open source at Python Packaging sprints, and more recently helped release npm's package provenance using Sigstore. He works at GitHub as a Principal Engineer and is looking forward to continually improving the security of open source software.
Zach first got involved in securing open source at Python Packaging sprints, and more recently helped release npm’s package provenance using Sigstore. He works at GitHub as a Principal Engineer and is looking forward to continually improving the security of open source software.