Security is different for startups. You have less resources but more flexibility, and your team is more engaged.
I can help you figure out which security measures are the most useful for the stage you’re in. Then, if necessary, I can help you implement them. I’m especially familiar with web application security, and providing security solutions for small growing organizations. So, if you’re building web software, we should talk. And if your organization is small and doesn’t have the budget for a full-time security person or team just yet, we should definitely talk!
I have experience with:
- Auditing and securing source code and infrastructure
- Conducting threat analysis, risk assessment, and risk mitigation
- Providing web application security training for developers
- Providing phishing awareness training and simulation
- Helping small organizations get the basics right
- Enforcing MFA
- Locking down G Suite
- Implementing procedures for offboarding personnel, and regularly checking who has access to what
- Keeping software up to date
- Making sure audit logs are available
- Minimizing access
- Managing bug bounty programs
- Implementing deception tech such as honeypots, honeytokens, and more