Steve Springett

Chicago, Illinois, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Steve Springett is an internationally recognized software supply chain security leader with 13+ years of experience building secure development practices, open source tooling, and high-performing teams from Chicago. As creator of OWASP Dependency-Track and chair of CycloneDX and Ecma TC54, he drives industry standards adopted by governments and major vendors while remaining deeply hands‑on across front-end and back-end development. He blends offensive research with pragmatic defensive engineering—leading secure SDLC adoption, threat modeling, and automation pipelines at organizations like ServiceNow and Axway. An influential OWASP board chair and open source maintainer, he contributes concrete fixes and features (from PURL types to SonarQube integrations) that make security tooling more usable and interoperable. Less obvious: he pairs standards leadership with day-to-day code contributions, ensuring policy decisions reflect real-world developer workflows.
code13 years of coding experience
job25 years of employment as a software developer
bookBachelor of Science (B.S.), Information Technology, Bachelor of Science (B.S.), Information Technology at University of Phoenix
github-logo-circle

Github Skills (35)

bootstrap-vue10
apim10
javascript10
sonarqube10
dependency-analysis10
api-design10
vulnerability10
user-interface10
jdbc10
java10
security10
javas10
security-vulnerability10
api10
front-end-development10

Programming languages (25)

C#MakefileGoHTMLGroovyJupyter NotebookTypeScriptShell

Github contributions (5)

github-logo-circle
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Role in this project:
userBack-end Developer & Security Engineer
Contributions:83 releases, 29 reviews, 2963 commits in 9 years 7 months
Contributions summary:Steve focused on implementing backend features and enhancing the security of the Dependency-Track platform. They addressed a security vulnerability by modifying the email publisher to handle potentially null passwords. They also added an endpoint to export project findings as FPF, and they also made a number of enhancements to the OSS Index code.
riskpackage-urlchainsupplyorganizations
DependencyTrack/frontend

Oct 2019 - Jan 2023

Frontend UI for Dependency-Track
Role in this project:
userFront-end Developer
Contributions:39 releases, 8 reviews, 630 commits in 3 years 3 months
Contributions summary:Steve primarily worked on the frontend UI for the Dependency-Track project. They added new Vue components, including a dashboard, charts, and a component for displaying information. They integrated the front-end application with REST API endpoints, and made several style and layout changes across multiple views and pages. The user also made various i18n updates to translate text within the application.
frontend-uireactdependency-trackvuefrontend
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Steve Springett