Security
Security is different for startups. You have less resources but more flexibility, and your team is more engaged.
I can help you figure out which security measures are the most useful for the stage you’re in, and implement them as well. I’m especially familiar with web application security, and security for small growing organizations. So if you’re building web software, we should talk. If your organization is small and doesn’t have the budget for a full-time security person or team just yet, we should definitely talk.
I have experience with:
- Auditing and securing source code and infrastructure.
- Threat analysis, risk analysis, risk mitigation.
- Conducting web application security training for developers.
- Phishing awareness training and simulation.
- Helping small organizations get the basics right.
- Enforcing MFA.
- Locking down gsuite.
- Implementing procedures for off-boarding personell, regularly checking who has access to what.
- Keeping software up to date.
- Making sure audit logs are available.
- Minimizing access.
- Managing bug bounty programs.
- Deception tech (honeypots and other).