GermanMT/README.md
📞Contact:

LinkedIn Badge

Twitter Badge

Telegram Badge

Google Scholar


🔥 My Stats:

German's GitHub stats

Top Langs


👨‍💻 About me:

PhD in Computer Engineering with strong experience in software development and cybersecurity. Specialized in software supply chain security, combining academic research and practical engineering to address risks in dependencies, build systems, and deployment pipelines. Passionate about building secure software from the ground up. I am the creator and maintainer of the Secure Chain open-source organisation, which aims to enhance software supply chain security.


📃 My doctoral thesis:

Advanced Techniques for Enhancing Security in the Software Supply Chain

URI (Handle): https://hdl.handle.net/11441/177708


📃 Papers I have published:

Feature models to boost the vulnerability management process

Journal of Systems and Software, volume 195, January 2023, 111541

SJR: Q1 - JCR: Q1

DOI: https://doi.org/10.1016/j.jss.2022.111541

Vulnerability impact analysis in software project dependencies based on Satisfiability Modulo Theories (SMT) (2024)

Computers & Security, volume 139, April 2024, 103669

SJR: Q1 - JCR: Q1

DOI: https://doi.org/10.1016/j.cose.2023.103669

Depex: A software for analysing and reasoning about vulnerabilities in software projects dependencies (2025)

SoftwareX, volume 30, May 2025, 102152

SJR: Q3 - JCR: Q2

DOI: https://doi.org/10.1016/j.softx.2025.102152

A dataset on vulnerabilities affecting dependencies in software package managers (2025)

Data in Brief, volume 62, Jul 2025, 111903

SJR: Q3 - JCR: Q3

DOI: https://doi.org/10.1016/j.dib.2025.111903


🛠️ Technologies I master or have worked with:

Coding languages
Python  TypeScript  JavaScript  Java 
Frameworks
FastAPI  React  ExpressJS  Spring 
Databases
MongoDB  Neo4j  MySQL 
Others
CSS  HTML  TailwindCSS  Git  Ubuntu  Docker  Kubernetes 

Pinned

  1. securechaindev/securechain-depex Public

    Depex is a tool that allows you to reason over the entire configuration space of the Software Supply Chain of an open-source software repository.

    Python 4

  2. securechaindev/securechain-vexgen Public

    A simple tool for generating Vulnerability Exploitability eXchange (VEX) and Threat Intelligence eXchange (TIX) files.

    Python 2

  3. securechaindev/securechain-ssc-ingestion Public

    Data pipeline for ingesting software packages from multiple ecosystems into SecureChain.

    Python 1

  4. securechaindev/securechain-mcp-server Public

    The Secure Chain Model Context Protocol (MCP) server to give context about your software supply chain to any type of LLM or AI agent.

    Python 2

  5. securechaindev/securechain-frontend Public

    User Interface for Secure Chain's open-source cybersecurity tools.

    TypeScript 1

  6. securechaindev/securechain-data-dumps Public

    This repository serves as a reference and landing page for data dumps published on Zenodo.

    1