One Man Army - Playbook on how to be the first Security Engineer at a company

Presented at RVAsec 2019, May 22, 2019, 1 p.m. (50 minutes)

How often have you heard that 'Early stage startups don't care much about Security because if there is no product, there is nothing to secure?' Although there is merit in the argument that startups need to build product so as to sustain and grow, it often puts the person in charge of securing them in a tricky position. For most startups, this person is the first Security Engineer who can be somewhere between the 10th to 300th employee. By the time the first Security Engineer is on-boarded the attack surface has usually become quite large and he or she faces an uphill battle to go about securing the organization. In such cases, the Security Engineer needs to perform as a 'one-man army' keeping the attackers at bay. In this talk, i will present a playbook on how to perform as one.


Presenters:

  • Kashish Mittal - Oxygen
    Kashish Mittal is a Security Researcher and Engineer. He currently is the Head of Security at MileIQ, a Microsoft startup. He has worked for companies such as Elevate Security, Duo Security, Bank of America, Deutsche Bank etc. By choice, he is an ethical hacker and an addicted CTF player. He is a member of PPP (CMU's elite CTF group). Prior to joining Duo, he did Security Research at Cylab, Pittsburgh. He has a BS and a MS from Carnegie Mellon University with a focus on Security. He is passionate about delivering Security awareness and training for employees, college students and high schoolers etc. He has been invited to presented his research and work at various national and International Security conferences.

Links:

Similar Presentations: