The Linux Foundation Projects
Skip to main content

Alpha-Omega is an associated project of the OpenSSF, established in February 2022, funded by Microsoft, Google, and Amazon, and with a mission to protect society by catalyzing sustainable security improvements to the most critical open source software projects and ecosystems. The project aims to build a world where critical open source projects are secure and where security vulnerabilities are found and fixed quickly.

Learn More

MEMBER ORGANIZATIONS

Organizations join Alpha-Omega because they want to take an active role in improving the security of open source software models.

Inquire to Join

ABOUT ALPHA-OMEGA

Partnering with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code – and get them fixed – to improve global software supply chain security.

Alpha” will work with the maintainers of the most critical open source projects to help them identify and fix security vulnerabilities, and improve their security posture.

Omega” will identify at least 10,000 widely deployed OSS projects where it can apply automated security analysis, scoring, and remediation guidance to their open source maintainer communities.

LATEST FROM ALPHA-OMEGA

LATEST NEWS

Alpha Omega 2024 Annual Report

| Blog | No Comments
We’re pleased to share our 2024 annual report. In it we try to convey the great progress in securing open source and our joy in seeing the increased security across…

Alpha-Omega Supports Ruby Central’s Expansion of Open Source Leadership & Security

| Blog | No Comments
Originally Posted to Rubycentral.org Author: Rhiannon Payne Ruby Central is excited to share that with the support of the Alpha-Omega Project, we are accelerating our Open Source Program by adding a full-time role…

Alpha-Omega Announces First Four Grants for Open Source Security of 2024 and Our 2024 OKRs

| Blog | No Comments
We just published our 2023 annual report and 2024 is off to a great start. In this post we’ll cover our first four grants of 2024, totaling over $750,000 and…

LEADERSHIP TEAM

OSS Supply Chain Security
Google

Bob Callaway
Principal Security PM Manager
Microsoft

Michael Scovetta
AWS
Principal, Open Source

Henri Yandell
Technical Strategist

Michael Winser
Open Source Program Manager
Amazon Web Services

Miaolai Zhou

OSS Supply Chain Security
Google

Bob Callaway

Bob Callaway is the leader of Google’s Open Source Security Team (GOSST), spearheading initiatives to bolster the security of open source software, benefiting both Google and the global community. Under his leadership, the GOSST team develops and contributes to projects that address critical areas such as supply chain integrity, observability, and vulnerability management. GOSST also plays a pivotal role in managing essential internet infrastructure services, including OSVSigstore, and Certificate Transparency logs. Bob’s influence extends to advisory positions in key organizations: he serves as a member of the Technical Advisory Council for the OpenSSF, is a co-founder and technical steering committee member of Sigstore, and represents Google on the Alpha-Omega project leadership team. His extensive experience includes engineering and leadership roles at Red Hat, NetApp, and IBM. Bob holds a PhD in Computer Engineering from NC State University, where he also shares his expertise as an adjunct assistant professor in the ECE department.

Principal Security PM Manager
Microsoft

Michael Scovetta

Michael Scovetta leads a security team at Microsoft, focused on understanding and addressing emerging security threats related to open source software and the ecosystem around it. He and his team do this by building security tools, advising engineering teams, and evangelizing good practices. Within OpenSSF, Michael co-leads the Alpha-Omega project and leads the Identifying Security Threats working group. Michael brings around 25 years of software engineering and security experience and earned a Master of Engineering in Computer Science from Cornell University and  Bachelor of Science from Hofstra University.

AWS
Principal, Open Source

Henri Yandell

Henri specializes in large-scale organization of Open Source. Starting as a committer with Jakarta and Apache Commons projects in 2001, he has served on Apache Software Foundation legal and security committees, and as a board member. From 2007 he has led Open Source at Amazon, tackling licensing, upstreaming, company projects, and now the growing field of open source security.

Technical Strategist

Michael Winser

Open Source Program Manager
Amazon Web Services

Miaolai Zhou

Mila Zhou is an open source program manager at AWS, leading funding initiatives that provide crucial support to open source projects. Drawing from her multidisciplinary background in Digital Media Technology, Economics, and Taxation, Mila brings a unique blend of technical knowledge and financial acumen to her role. Her expertise in managing large-scale open source funding programs and measuring their impact has proven invaluable in setting metrics and providing successful examples for enterprise leadership.

STAFF

Senior Program Manager
The Linux Foundation

Michelle Martineau
Program Manager
The Linux Foundation

Tracey Li

Senior Program Manager
The Linux Foundation

Michelle Martineau

Michelle Martineau is the senior Program Manager for Alpha-Omega, an OpenSSF project, leading core business operations and grantee relations. Michelle brings over 8 years of experience in project optimization and program strategy with a focus on process improvement and building teams.

Program Manager
The Linux Foundation

Tracey Li

Tracey Li is the Program Manager for Alpha-Omega.  With over 20 years of experience, Tracey has spent her career accelerating execution and driving successful outcomes.  She enjoys cutting through the clutter and working with stakeholders to deliver results that meet overall objectives without sacrificing individual goals.

AN ASSOCIATED PROJECT OF THE OPEN SOURCE SECURITY FOUNDATION

Close Menu