William Woodruff

William Woodruff is a Senior Security Engineer at Trail of Bits, a NYC-based cybersecurity consultancy. He currently splits his time at work between program analysis research (primarily in LLVM) and open source supply chain and cryptography engineering. His current focus is on the Python packaging ecosystem, where he's contributed to a range of initiatives aimed at improving package security (including API tokens, 2FA support in PyPI, and most recently dependency scanning and Sigstore integration).

Outside of work, William is helps maintain Homebrew and is a contributor to a wide variety of open source projects. He maintains a personal blog at https://blog.yossarian.net. Despite working in Python, he is an unapologetic fan of Ruby.