- Technology
- SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en
Software at Scale 24 - Devdatta Akhawe: Head of Security, Figma
b'
Devdatta Akhawe is the Head of Security at Figma. Previously, he was Director of Security Engineering at Dropbox, where he led multiple teams on product security and abuse prevention.
Apple Podcasts\\xa0|\\xa0Spotify\\xa0|\\xa0Google Podcasts
In this episode, we discuss security for startups, as well as dive deep into some interesting new developments in the security realm like WebAuthn and BeyondCorp. We wrap things up with slightly philosophical points on the relationship between security and regulation.
Highlights
0:00 - What got Dev interested in computer security?
4:00 - Security for a startup. What framework should a CTO use to think about security as their startup gets its first customer?
7:30 - Trends in the security space. Increasing customer demand for security due to the multi-tenant nature of the cloud. Lateral movement attacks.
12:45 - BeyondCorp. \\u201cThere\\u2019s BeyondCorp, and YOLO NoCorp\\u201d. NIST\\u2019s paper on it.
25:00 - How should I think about a Bug Bounty program as a startup founder? - Having a good \\u201cVulnerability Disclosure Policy\\u201d is an extremely valuable first step
26:30 - Why would anyone report bugs if they weren\\u2019t being paid for them?
30:00 - Interesting security products that companies might want to buy :)
34:30 - What is WebAuthn?
39:00 - How security and usability shouldn\'t be a trade-off
43:00 - Security regulations
47:00 - A repeat question - as a startup, what should I do to keep myself secure?
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.softwareatscale.dev'