Josh Bressers is the Vice President of Security at Anchore where he manages the Infosec team and guides security features for the company’s commercial and open source solutions. Additionally, Josh acts as a public security advocate and evangelist, representing Anchore on topics including DevSecOps best practices, software supply chain security, and other key cybersecurity initiatives.
Prior to joining Anchore, Josh was with Elastic where he built the product security team, managed Elastic Stack supply chain defense, and created an application security program with a strong emphasis on realistic requirements. Before Elastic, Josh was an early hire to the Red Hat Security Response Team where he specialized in helping their open source projects coordinate and disclose vulnerabilities and became the CVE Numbering Authority for all OSS projects within Red Hat. Later, he founded the Red Hat Product Security Team which oversaw security for development lifecycles and the ongoing application security for Red Hat products.
Josh is co-host of the Open Source Security Podcast and the host/producer of the Cyphercon Hacker History Podcast. Josh is a member of the OpenSSF technical advisory council, and co-lead of the OpenSSF SBOM Everywhere project. Josh is also a co-founder of the Global Security Database project which is a Cloud Security Alliance working group exploring the future of security vulnerability identifiers.