Implement a BYOD Policy | Best Practices for SOC 2 Compliance

Writing Your BYOD PolicyThis article will point you to the core concepts of BYOD, removable device, and cloud storage policies so that you understand best practices before writing your own. Removable media, cloud storage, and BYOD devices can be a quick and convenient way for employees to handle data.  But with this convenience comes some serious security concerns. Unprotected removable storage is an easy entry point for end users to

Read more

Why ASICS Digital Builds 12-Factor Apps with a Focus on Infrastructure

How ASICS Digital Created a Culture of You Build it, You Run it John Noss is a Senior Site Reliability Engineer at ASICS Digital, formerly Run Keeper. In this talk, he shares how ASICS Digital builds 12-Factor apps with an emphasis on infrastructure. Listen as they walk through how and why they made a dev culture of 'You Build It, You Run It' and download the slides now.

Read more

How Betterment Secures Server Access – Automate the Boring Stuff

Chris Becker, SRE, Betterment Chris Becker is an SRE at Betterment. Previously, he did similar work on Warby Parker's Infrastructure team. At Betterment, he earned the label APT (advanced persistent threat) thanks to consistently tripping alarms with his peculiar scripts and commands. In this talk, he discusses how Betterment's approach to server access controls evolved as the team grew exponentially. With more people and keys to manage, the SRE team

Read more

Senior Engineering Director at Zymergen on Code Reviews

ShareAbout Token SecurityAt Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeThis week Jeff Burkhart, Senior Engineering Director at Zymergen talks code reviews, code review fatigue, and what to do when agile becomes tedious. About The HostsMax SaltonstallMax

Read more

Director of IT & Operations at Chef on What it Means to be Secure

ShareAbout Token SecurityAt Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeThis week we are joined by Ben Rockwood, Director of IT & Operations at Chef who shares what it means to be secure, and how compliance and

Read more

Daniel Leslie Director of Security Intelligence & IT Operations at Namely on the Human Side of Security

ShareAbout Token SecurityAt Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeThis week we are joined by Daniel Leslie at Namely who shares his take on the human side of security, and what security at scale looks like

Read more

Token Security Podcast | Alan Daines Chief Information Security Officer at FactSet on Phishing

ShareAbout Token SecurityAt Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeIn this episode Max Saltonstall and Justin McCarthy are joined by Alan Daines, Chief Information Security Officer at FactSet to talk about phishing, educating on it, and

Read more

Token Security Podcast | Johnathan Hunt, VP of Information Security at InVision Talks Secure Code

ShareAbout Token SecurityAt Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeIn this episode Max Saltonstall and Justin McCarthy are joined by Johnathan Hunt, VP of Information Security at InVision to talk about pen testing, bug bounty programs,

Read more

Token Security Podcast | NYC Cyber Command

ShareAbout Token SecurityAt Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeThis episode Max Saltonstall sits down in Manhattan with Quiessence Phillips, Deputy CISO and Head of Threat Management, City of New York and Colin Ahern, Deputy CISO,

Read more

Token Security Podcast | Andrew Mulholland, Head of Core Infrastructure at BuzzFeed

Share About Token SecurityAt Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords.About This EpisodeIn this episode Justin McCarthy sits down with Andrew Mulholland, head of core infrastructure at BuzzFeed to talk about security incident response, remote access policy, and

Read more