Eric Brown

R&D Software Engineer at Secure Sauce

Redwood City, California, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Eric Brown is an R&D software engineer and founder with 12+ years building developer-friendly security tooling, currently at Broadcom and running Secure Sauce, the maker of Precaution — a GitHub-integrated static analysis tool. He is a long-time open-source security maintainer (Bandit) whose work helped the project reach thousands of stars and millions of downloads, and has deep contributions to core OpenStack projects (Nova, Keystone, Cinder, Glance) improving configuration, VMware integrations, and secret handling. Eric blends hands-on backend engineering (Python, oslo_config, security plugins) with productizing developer workflow tools, including an open-source CLI and a React/Docusaurus frontend. His background spans engineering leadership at VMware and security ownership at IBM, where he implemented encryption and compliance features for enterprise systems. Based in Redwood City, he combines pragmatic product focus with a reputation for making security seamless for developers. An interesting detail: he built both GitHub Apps and CLI utilities that bridge CI/CD and static analysis, showing a knack for shipping integrated developer experiences.
code12 years of coding experience
job24 years of employment as a software developer
bookBachelors Computer Science, Bachelors Computer Science at Purdue University
languagesEnglish, German, Japanese
github-logo-circle

Github Skills (49)

static-code-analysis10
debug10
static-analysis10
volumes10
pytest10
security-txt10
python10
back-end-development10
testing10
configuration-management10
audit10
servicenow10
vmware10
openstack-nova10
identity-management10

Programming languages (16)

MDXJavaCSSRustMojoCGoHTML

Github contributions (5)

github-logo-circle
PyCQA/bandit

Apr 2018 - Oct 2022

Bandit is a tool designed to find common security issues in Python code.
Role in this project:
userSecurity Engineer
Contributions:23 releases, 384 reviews, 160 commits in 4 years 6 months
Contributions summary:Eric primarily contributed to the security aspects of the `bandit` tool, a security scanner for Python code. Their work involved updating the tool's functionality to address and report on newly discovered vulnerabilities. Contributions included modifying and creating plugins to scan for the use of insecure hash functions, and deprecated TLS versions. The user also updated the documentation and code to reflect changes in the related security ecosystem, updating URLs and adding example code.
python-codelinterpythonsecurity-toolssecurity
openstack-archive/bandit

Feb 2015 - Apr 2018

Python AST-based static analyzer from OpenStack Security Group
Role in this project:
userBack-end Developer & Security Engineer
Contributions:92 commits in 3 years 2 months
Contributions summary:Eric primarily contributed to enhancing the security aspects of the `bandit` static analysis tool. They refactored code to improve existing security checks, such as those for insecure cipher modes and weak cryptographic keys. Furthermore, the user added new tests to cover the identified vulnerabilities. This included the addition of checks for known insecure hash functions like SHA-1.
static-analyzerpython-astpythonsecuritysecurity-group
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Eric Brown - R&D Software Engineer at Secure Sauce