Building an Assurance and Secure Development Program
Security Program Manager
Sean has worked in application security and SDL for more than a decade. He got his start in security at Indiana University working to prevent web application attacks. He eventually moved to Microsoft where he worked on projects such as Exchange, Kinect, Xbox One and the Microsoft Threat Intelligence Center. Recently he has joined Google to manage the Android OS SDL Process. Sean is originally from Indiana and lives in Seattle, Washington. He is married to a very understanding wife and has two amazing young boys. If he had free time, it would consist of barbecuing, video games and hiking.
What does it mean to build a secure product? How do you ensure your product is designed securely before writing the first line of code or picking the first component? And how do you prove it to leadership and external entities such as auditors or regulators? This session answers these questions and shows how Android is continually evolving its security assurance program. We will discuss how to produce secure products, get executive buy in, generate artifacts for compliance and more.