Hasnain says:

The authors(*) talk about how one large company takes a defense in depth approach to secure both its products and code.

It walks through how multiple layers are needed: From frameworks that eliminate classes of bugs, to analysis tools that catch hard-to-find flaws, to human attention and review.

*: Disclaimer - I contributed to this writeup.


On a more serious note though, I'm glad to be able to share more about the work we do on the Product Security team and the effort we invest in security - and, if this sounds interesting, we're hiring!

Posted on 2019-01-25T21:46:30+0000