DevOps, Security and Engineering at Slack
The OWASP Podcast Series - A podcast by The OWASP Podcast Series
Categories:
Leigh Honeywell And Ari Rubenstein are Senior Staff Security Engineers at Slack. I saw Leigh on Wendy Nather's panel during RSA Conference 2016 and was interested in getting some insight into what's going on at Slack when it comes to DevOps. As luck would have it, Ari was in the audience, so we were able to step outside into the hallway and talk about how DevOps, security and engineering work together at Slack. About Leigh Honeywell Leigh reboots computers and makes hackerspaces. Leigh is a Security Engineer at Slack. Prior to Slack, she worked at Salesforce.com, Microsoft, Symantec, and Bell Canada. Her career has included everything from stringing cable and building phone systems to responding to some of the most serious computer security incidents in industry history, shipping software to a billion people, and protecting infrastructure running companies’ critical business communications. Her community work includes founding the HackLabTO hackerspace in Toronto, Canada, and the first feminist hackerspace, the Seattle Attic Community Workshop, as well as advising countless others and speaking about hackerspace cultures, collaboration, and open source software. She is Chief Security Officer of Double Union, a women’s hackerspace in San Francisco. She is a former administrator of the Geek Feminism wiki and blog, and current adviser to the Ada Initiative, the SECTor security conference, and the Magic Vibes Corporation. Leigh has a Bachelors of Science from the University of Toronto where she majored in Computer Science and Equity Studies. About Ari Rubenstein Senior Staff Security Engineer - Developed tooling for Security Automation, Detection, and Response - Implemented multiple open-source technologies to gain visibility on a company-wide level - Led feature reviews and architecture critiques - Discovered multiple vulnerabilities in Open Source Software, and committed fixes upstream - Performed code audits and static analysis - Collaborated cross-organization on Security topics with Sales, Accounts, Engineering, and Executive teams - Managed public-facing bug bounty program for product security issues - Provided guidance for customer questions and support tickets