beep boop software security
Senior Product Security Engineer at DigitalOcean
Securing the software supply chain and driving best practices
Activity
Loading activity...
Track Record
This section is a placeholder — track record features are coming soon.
Career8
Security Platform team lead focusing on security engineering and secure by-default support for engineering teams.
Methodologies for and implementations of mutating workload identity as GenAI tech lead. Contributed to Open Source and internal Software Supply Chain Security specs, code, and roll outs. Saved over 540 million dollars co-leading and participating in the development of CI/CD and InnerSource decisions and implementations during corporate initiative to align methodologies (2020 - 2024).
Contributed to architecture definition and implementation of CI/CD for server platform validation.
Product Security Expert. Security consulting on software architecture. Guides projects through Intel’s Security Development Lifecycle (2017 - present). Security validation for various Intel products. Leads an international team of contributors working on Data Flow Facilitator for Machine Learning. Developed paravirtualized control register protection patchset for Linux and KVM. Applied machine learning to evaluate open source software packages on secure development practices, streamlining dependency review for all of Intel. Co-Maintainer of cve-bin-tool, a tool used to scan binaries for known CVEs. Mentored via Google Summer of Code program for DFFML and CVE Bin Tool (2019 - 2022, 2021).
POC showing leaked addresses allow for bypassing of Kernel Address Space Layout Randomization (KASLR) to achieve privilege escalation in the Linux kernel. Created demo showcasing Intel’s container virtualization to defend against host kernel exploits. Fuzz and penetration testing, integration with OSS Fuzz, of Intel and Open Source projects. Wrote penetration testing documentation and provided guidance to the team on how to perform pentesting.
Created a PHP + MySQL application to log, track, produce reports, and chart success of test results for Android on Intel Architecture. Developer of Distributed Android Testing system, deployable to many physical hosts using Docker. Allows many devices to be tested at once, logs available across hosts, and physical robot automated or software UIautomator tests execute the same across devices. Updated codebase of the Intel Android Telemetry project to work with Android Marshmallow. Modified client side daemons and applications, server side and database components, and production infrastructure.
Coach for Junior and Little Samurai classes 16 to 4 years old. Great gym and great coaches I've been with them for many many years. Fitness classes as well as Jiu Jitsu.
Worked in the IT Project Management Office Centralized Project Management Metrics using excel and SharePoint to ease the process of portfolio manager reviews and identify problem areas in portfolios and projects.
Education1
Publications4
john.leaflet.pub
john.leaflet.pub
john.leaflet.pub
john.leaflet.pub
Volunteering1
DFFML has been a suborg under the Python Software Organization during Google's Summer of Code since 2019. We meet every week for a group hands on sessions where mentors provide feedback to students on their work, we work through problems as a group, and plan future work. Outside of meetings mentoring involves reviewing student work, having 1:1's with students, and working to unblock their progress by fixing issues out of student's scope which we're not identified in the proposal phase.
Awards1
Member of Urban Honors College at Portland State University
Currently enrolled in Honors courses at PSU