Patrick Dwyer is a Principal Consultant in Application Security with 25 years of software engineering and security experience, now helping customers at CyberCX while co-leading the OWASP CycloneDX SBOM standard ratified as ECMA-424. He uniquely combines hands-on secure development—contributing code and tooling across languages like C#, Java, Python and building features for popular repos such as dotnet-outdated—with strategic influence in standards bodies as an elected member of the Ecma International Executive Committee. Patrick has led product security at global scale, driving threat modeling, secure design reviews, and supply-chain transparency for enterprise platforms and governments. He has guided CycloneDX from open-source project to internationally adopted standard, delivering features for vulnerability transparency, AI/ML provenance, and post-quantum readiness. Equally at home writing code or advising executives, he also brings community leadership experience from volunteer governance in education and public-sector digital transformation.
A .NET Core global tool to display and update outdated NuGet packages in a project
Role in this project:
Back-end Developer
Contributions:7 reviews, 227 commits, 164 PRs in 3 years 2 months
Contributions summary:Patrick implemented several key features for the .NET Core global tool, including an option to return a non-zero exit code when updates are found. They added a new `DependencyUpgradeSeverity` enum to categorize the severity of package updates and refactored the output to utilize this. The user also added the functionality to generate JSON and text reports, enhancing the tool's reporting capabilities.
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Contributions:8 reviews, 307 commits, 178 PRs in 2 years
package-urlspdxclivexobom
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Patrick Dwyer - Principal Consultant Application Security