Operating security ownership at scale: Twilio’s perspective

What's this blog post about?

In a roundtable discussion, Guy Podjarny, President & Co-Founder of Snyk, and Yashvier Kosaraju, Senior Manager of Product Security at Twilio, talked about security ownership in organizations adopting DevSecOps practices. Key points included: 1) The importance of defining clear roles and responsibilities for both development and security teams; 2) Making security tooling accessible and user-friendly for developers; 3) Implementing an early win strategy, such as open source security and Software Composition Analysis (SCA); 4) Establishing a code ownership model to streamline vulnerability management; and 5) Measuring the effectiveness of security tools by tracking metrics like time taken to fix critical vulnerabilities. The discussion emphasized the need for continuous improvement in security practices, with companies regularly aligning their products to meet evolving industry needs.

Company
Snyk

Date published
Aug. 30, 2021

Author(s)
Brian Piper

Word count
885

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.