About me
Tom is a maintainer of the Supply-chain Levels for Software Artifacts (SLSA) project. He works at Google as a tech lead for their internal supply chain integrity team. He previously worked in the defense industry where he was the Principal Investigator for a DARPA STAC red team (among other things).