Experienced technology professional with expertise in information security and delivery of secure cloud systems. Strong advocate for transparency in organizations and committed to ensuring the security and reliability of my open source projects through the use of industry best practices such as OpenSSF and CII Best Practices.
James Pether Sörling, a security professional and open source contributor, gave a talk at Javaforum Göteborg where he discussed how to secure your development pipeline with static and dynamic application security tests, as well as software composition analysis using Sonarqube.
In addition, Sörling was a guest on the Shift Left Like A Boss security podcast, where he discussed open source tools that can make high velocity development more secure. As an open source contributor for cfn-nag, which performs infrastructure as code (IaC) static analysis of AWS CloudFormation, he also wrote an open source module that integrates CFN-nag into SonarQube.