Michael Hanley of GitHub on Why Security Needs Engineering, and Vice Versa

In this episode of the Detection at Scale, Jack speaks with Michael Hanley, Chief Security Officer and SVP of Engineering at GitHub. He also spent five years at Duo Security building their security program, and is passionate about making security easy and accessible for everyone.

Topics include: 

• How to think about managing in a dual role as both head of security and engineering, and what success looks like for both.
• What some of the synergies are between security and engineering, and why the two should work as closely as possible.
• The security strategy of retaining the integrity of the world's important projects at GitHub.
• The importance of democratizing security, and making it accessible for everyone.
• The mentality of baking software development into security.
• When to introduce a security team into an organization, how to build a SecOps team, and the evolution of security within companies.
• Actionable steps for security leaders to take regarding professional development, culture, and sharing notes.  

Resources: 

• Michael's favorite open source security tools: Stream Alert, Cloud Mapper, SiLK Suite
• Keep in touch with Michael Hanley on LinkedIn: https://www.linkedin.com/in/michael-hanley-b6508913/