Pangea's Inaugural Secure By Design Dinner

On February 29th or Leap Day, Pangea hosted our very first Secure by Design executive dinner. Our goal was to bridge the gap between security and engineering on Secure by Design, a set of principles developed as a blueprint for companies to embed security at the beginning of their SDLC (Software Development Life Cycle).

To succeed in shipping more secure software we must solve the cultural and organizational challenges that exist between the traditional security organization, which falls under the CISO, and the engineering organization which may fall under the CTO/VP Engineering. It is fundamental that these groups work together with a common mission to deliver a cohesive Secure SDLC.

We hosted over 40 CTOs, CISOs, and Engineering leaders at the famous Fang restaurant in downtown SF and kicked off with an informal happy hour where attendees got to know each other while discussing tech stacks and the latest trends.

We held our Panel discussion with some of the smartest minds in Cyber Security: Jack Cable, Senior Technical Advisor at CISA, Zulfikar Ramzan, Chief Scientist and EVP Development at Aura, former CTO RSA Security, Caleb Sima, former CSO at Robinhood and VP Security at Databricks, and Katie Gray, Senior Partner & Lead, Cyber Investment Practice at In-Q-Tel. Our topics went deep into balancing security and user experience to advice for new founders and even touched on the hottest topic of the evening… ultimate responsibility for security.

Our evening finished with dinner, some more great security-focused table discussions, and some “cautionary tales” from past experiences. It was rewarding to get together these individuals from different sides of the business to come together on how everyone plays a part in bringing security to the forefront of their business.

When you're ready to grow your security knowledge and keep up with the state of the art in building secure apps; explore our Secure by Design Education Hub. There you will find articles on authentication, secrets management, audit logging, and more to help you design the most secure apps imaginable. Or go from learning to doing by trying our API services for free with no credit card required. Or feel free to browse our docs to learn more about the individual services we offer such as Vault and Secure Audit Log.

Have you started implementing Secure by Design Principals at your company? How is it going and are you getting stuck anywhere? I would love to hear from you in the comments.