CISA Welcomes Aeva Black: Joining Our Team to Strengthen Open Source Software Security
At CISA, the best part of our organization is undoubtedly the exceptional people we get to collaborate with every day. Our mission to protect and secure our nation’s critical infrastructure is driven by the talent, dedication, and expertise of our diverse team. We are thrilled to share that more outside experts are joining our ranks, drawn by the opportunity to contribute to the critical work we do. Today marks an exciting moment as we announce the addition of Aeva Black to our team. With great enthusiasm, we welcome Aeva as CISA’s Open Source Security Lead, a role that will undoubtedly strengthen our efforts to ensure robust software security across our nation’s critical systems.
With a career spanning more than two decades, Aeva has a diverse and deep well of technical knowledge and skills gained working for some of the nation’s most renowned technology companies. Their leadership experience in managing teams and careful handling of crucial partnerships, along with their fervent commitment to improve the security and accessibility of open source software, are just a few of the many of reasons we are thrilled to welcome Aeva to the team.
To fulfill CISA’s mission of understanding, managing, and reducing risks to the federal government and critical infrastructure, we recognize the importance of safeguarding open source software–the foundation of our nation’s critical infrastructure. Over 70 years, open source has driven innovation and rapid software development, impacting every industry. However, it also poses risks as malicious actors exploit vulnerabilities, posing threats to global cybersecurity. CISA is actively addressing these challenges through initiatives like coordinated vulnerability disclosure and collaborations with the Joint Cyber Defense Collaborative (JCDC), Office of the National Cyber Director (ONCD), the Office of Management and Budget (OMB). We are also coordinating with the Open Source Security Foundation (OSSF) with the shared goal of making a tangible impact in enhancing open source software security.
Aided by Aeva’s leadership and extensive open source software expertise in the private sector, we are launching a new initiative at CISA to engage with open source community organizations. By fostering security by design and default principles within this dynamic and innovative community, we aim to strengthen the overall security posture of open source software. Aeva comes to CISA with loads of great ideas—and the expertise to back them—as we develop our open source initiative.
Throughout their career, Aeva has been credited with numerous inventions related to security. Notably, their works are licensed as open source, demonstrating their belief in the power of collaboration and knowledge-sharing. Among the open source projects they founded are OmniBOR (formerly known as "GitBOM") and OpenStack Ironic "Bare Metal", which have significantly contributed to the advancement of software and cloud security in open source.
Aeva is a rockstar. With a commitment to the open source community extending beyond their professional endeavors, Aeva has actively contributed to renowned organizations such as the Open Source Initiative (OSI) and the OpenSSF. Aeva’s dedication to advancing open source principles and their involvement in various technical advisory committees underscores their desire to shape the future of secure software practices.
As a child prodigy turned creative genius, Aeva self-taught calculus at age 12, skipped grades 11 and 12, and joined university at age 14. An adventurer at heart, Aeva is an avid motorcyclist and recently completed an American border-to-border drive, riding along the Pacific Coast Highway through snowy mountains in Washington and Oregon, rains in the coastal redwoods of northern California, and a rare desert-bloom event in the Anza-Borrego desert. Aeva’s adventures range from traveling the globe extensively to raising a pair of wolves, and their diverse experiences have cultivated a unique perspective that resonates with the creativity and passion inherent in the open source community.
Welcome aboard, Aeva Black!