Skip to content
View diogoteles08's full-sized avatar

Highlights

  • Pro

Organizations

@googlers

Block or report diogoteles08

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
diogoteles08/README.md

About me ๐Ÿ‘จโ€๐Ÿ’ป

  • ๐Ÿ˜„ Pronouns: He/Him
  • ๐Ÿ‡ง๐Ÿ‡ท I am Brazilian! Currently Living in Sรฃo Paulo
  • ๐ŸŽ“ Graduated in Computer Engineering in University of Campinas (UNICAMP), with an exchange program to Russia ๐ŸŽ’
  • ๐Ÿ’ป My favorite language is Kotlin, and I love to code using VIM
  • ๐Ÿ•ถ๏ธ Fun facts:
    • ๐Ÿˆ I'm a very proud cat dad! His name is Ravi ๐Ÿฅฐ
    • ๐ŸŽฎ I'm a fan of Dark Souls series and I'm enjoying my recently bought Playstation 5 ๐Ÿ˜‹
    • ๐Ÿท I love wine and I'm starting to learn about them hehe
  • ๐Ÿข I work at Google on Google Open Source Security Team (GOSST)
  • ๐Ÿ“– My next learning objectives are French and improving general communication/leading skills
  • ๐Ÿ’ฌ I'd be more than happy to receive any contact through [email protected], Twitter or LinkedIn ๐Ÿ˜ƒ

About GOSST ๐Ÿ‘ป

Logo of GOSST team

GOSST was created as a response to the current scenario of increasing attacks on supply chain projects. The team counts with experienced open-source contributors and works alongside the Open Source Security Foundation (OpenSSF) to develop and spread solutions to make open software safer at scale. You can read more about Google initiatives on open source on this blogpost.

More specifically, I'm part of a sub-team responsible for our direct engagement with the Open Source community. We work with critical open source projects to help them increase their security, in any way we can. As a team, our goal is to:

  • Build individual analyses and approaches for each project.
  • Evaluate and suggest solutions or enhancements that would better fit the repository and not burden the maintainers.
  • Welcome and conduct discussions about our suggestion or any security solutions the maintainers prefer, as we can surely provide specific help according to their demands.
  • If possible and wanted, implement the changes ourselves via PRs to contribute with the discussed improvements.
  • Collect all kinds of feedback, as we work closely with OpenSSF and any complaints would be kindly heard.

Please read more about our acchievements on our 1-year blogpost.

Security Solutions

See below some of the tools developed by GOSST and the OpenSSF:

  • Scorecard: automated checks to evaluate a project's security practices and suggest improvements as needed
  • SLSA (pronounced "salsa"): a standard and protocol to ensure an artifact's provenance, guaranteeing it comes from the expected location and process. It prevents tampering and improves the integrity of infrastructure and consumed packages
  • Sigstore: keyless signing and verification of artifacts
  • OSS-FUZZ: automated fuzzing at scale, now fuzzing 800+ projects in 6 languages
  • OSV: a precise human - and machine - readable database of vulnerabilities that maps affected software versions across open source ecosystems
  • OSV-Scanner: A frontend for the OSV Database that connects a projectโ€™s list of dependencies with the vulnerabilities that affect them
  • GUAC: graph database of security metadata (in development)

Popular repositories Loading

  1. mySetup mySetup Public

    Vim Script 1

  2. mc613 mc613 Public

    Forked from gpspelle/mc613

    VHDL 1

  3. ms211 ms211 Public

    Forked from lcnzg/ms211

    Projetos da disciplina MS211, UNICAMP, 2018-1

    MATLAB 1

  4. mc504 mc504 Public

    Forked from lcnzg/mc504

    Projetos da disciplina MC504, UNICAMP, 2018-1

    C 1

  5. mc346 mc346 Public

    Haskell 1

  6. hackathon-covid19 hackathon-covid19 Public

    Code of solution used for a hackathon organized by Patronos, themed as solutions for covid-19 effects

    Python 1