Jonatan Männchen
—
Securing Open-Source Infrastructure.
Making open source more secure through code, standards, and collaboration.
Located in the beautiful city of Winterthur, Switzerland. Working as CISO at the Erlang Ecosystem Foundation, Course Instructor at the ICT Berufsbildungscenter, and Technical Advisor to Sustema AG.Security Work
- Ægis — Supply Chain Security & Compliance Initiative for the BEAM ecosystem
- EEF CNA — CVE Numbering Authority for the Erlang/Elixir ecosystem
- EEF Security WG — Working group member improving BEAM security practices
- Ecma TC54 — Member of the technical committee standardizing CycloneDX SBOM
- OpenSSF — Member of the Open Source Security Foundation
Open Source
Recent Highlights
- Security Audit of Hex.pm — Coordinated the Alpha-Omega-funded audit of the BEAM package manager
- Atom Exhaustion — Why a well-understood DoS issue keeps becoming a CVE
- AI Found 5 CVEs in One Afternoon — Podcast on AI vulnerability research and the BEAM security wake-up call
- Elixir OpenChain Certification — Bringing license compliance certification to the Elixir project