2025-12-29 –, Komonin
How do you manage security in small teams or startups (2-50 people)?
What did you implement? Which changes did you implement or push for as a security person?
I previously worked at a small NGO and startup and want to create a space to share experiences.
Initially, I'll give some insights into what I implemented in the past year; however, the goal is to have a discussion.
Topics might include:
- Fuzzing
- Responsible disclosure (both incoming and outgoing)
- DefectDojo, Dependabot and SecObserve
- GitHub's security features
- Static analyzers ranging from Semgrep to Zizmor
Put in notes here if you want to join! https://cryptpad.fr/pad/#/2/pad/edit/3iZ8MLCkX9I3xcTsh6uc2LwA/