The CVE Program is pleased to welcome Madison Oliver of GitHub Security Lab as the newest member of the CVE Board. Madison will provide the Board with an open source community perspective and help enhance collaboration between the CVE Program and that community.

About Madison

Madison is a vulnerability transparency advocate and Senior Security Manager at GitHub, leading the Advisory Database Curation team. She is passionate about vulnerability reporting, response, and disclosure, and her views are enriched by her prior experience as a product incident response analyst at GitHub and as a vulnerability coordinator at the CERT Coordination Center (CERT/CC) at the Software Engineering Institute at Carnegie Mellon University (CMU).

She began her engagement with the CVE Program while at CERT/CC by supporting the CERT/CC CVE Numbering Authority (CNA) and participating in many of the working groups. While there, she also coordinated vulnerabilities in high-impact, widely used software and specifications, such as HTTP/2 and Bluetooth, laying the groundwork for impactful contributions to vulnerability disclosure best practices. During her tenure at GitHub, she has been focused on open source security and has led the response to vulnerabilities such as Log4Shell (CVE-2021-44228) and managed both of GitHub’s CNAs at various points, including one of the highest assigning CNAs in the program.

She loves engaging with the technical community and students and promoting a diverse representation in technical fields. Her prior involvement in relevant Forum of Incident Response and Security Teams (FIRST) working groups and active participation in the Open Source Security Foundation’s (OpenSSF) vulnerability disclosure working group and related special interest groups underscores her continued commitment to industry collaboration. As a former undergraduate cybersecurity adjunct professor at Duquesne University, she contributed to shaping the next generation of cybersecurity professionals. She earned an M.S. in Information Security Policy and Management from CMU, and a B.S. in Security and Risk Analysis from the Pennsylvania State University (PSU). She continues to contribute to academia by serving on the PSU College of Information Sciences and Technology alumni board.

Madison’s multifaceted contributions exemplify her dedication to advancing cybersecurity, fostering community collaboration, and shaping the future of vulnerability disclosure.

About the CVE Board

The CVE Board is the organization responsible for the strategic direction, governance, operational structure, policies, and rules of the CVE Program. The Board includes members from numerous cybersecurity-related organizations including commercial security tool vendors, academia, research institutions, government departments and agencies, and other prominent security experts, as well as end-users of vulnerability information.

Feedback

Please use the CVE Blog on Medium, or use the CVE Request Web forms and select “Other” from the dropdown menu, to provide feedback about this article.