Steve is an internationally recognized leader in software supply chain security whose work is referenced by world governments and international standards bodies. A trusted voice in the security community, he shapes industry direction through thought leadership and hands-on execution, building high-performing teams, fostering global open source communities, and driving adoption of security standards.

Steve guides teams in both the strategy and execution of secure software development. He integrates security throughout the entire development lifecycle, leading efforts in threat modeling, secure architecture and design, static, dynamic, and component analysis, offensive research, and defensive programming. Passionate about helping organizations identify and reduce risk from the software supply chain, Steve is an open source advocate and creator of OWASP Dependency-Track. He leads the OWASP Software Component Verification Standard (SCVS) and chairs both the OWASP CycloneDX Core Working Group and Ecma International TC54.

Steve serves as Vice Chair on the Board of Directors of the OWASP Foundation, where he helps drive the continued growth of the foundation and the pursuit of its mission to make secure software a reality through open collaboration, education, and innovation.