Ken continues his career at Sonatype as Product Manager of the software security teams, where his role includes:
Ken continues to develop for and support the public OSS Index, while putting into action plans to move the development and maintenance to Sonatype development teams. Ken has expanded the coverage of OSS Index, and developed and overseen the development of numerous open source scanning tools including:
Upon acquisition of Vör Security by Sonatype, Ken worked as a senior software developer working on internal software security tools behind Sonatype's products.
Ken continued to support and develop OSS Index during this time.
TwoDucks consulting was incorporated in October 2013 and recently renamed to Vör Security. Since its incorporation Vör Security has grown to a small company of three employees.
Vör Security developed the free open source vulnerability tracking system, OSS Index, which together were acquired by Sonatype in June 2017. During this time OSS Index added support for numerous ecosystems and tool integrations and scanners.
QRA is "building tools to reduce engineering and testing costs for highly complex systems in the aviation, automotive, and utilities industries. By combining cutting edge technology, including quantum computing, and the latest mathematical techniques, QRA is able to find design flaws very early in the development cycle. QRA is poised to be at the forefront of complex system design through partnerships with leading institutions and corporations."*
I have been heavily involved in the development of the QVTrace web-based front end, built using HTML5 and AJAX technologies and communicating with the QVTrace back end to perform verification and validation of system models. My roles include:
KDM Analytics "is a security assurance company providing products and services for threat risk assessment and management, due diligence assessments, and information and data assurance. Leveraging our decades of experience in static analysis, reverse engineering and formal methods, we have created breakthrough products for the automated and systematic investigation of code, data and networks."
Much of the work performed by KDM Analytics revolves around OMG standards and specifications. My roles include a large variety of tasks in management, design, architecture, and development.