EP 11 - Anshuman Bhartiya: Lessons From Building Thirty Madison’s Product Security Program

Thirty Madison is a healthcare technology company that offers direct-to-consumer healthcare and wellness products for people living with chronic conditions. Founded in 2017, the company has raised over $200 million in funding and has more than 400 employees. 

As a healthcare company with millions of customers, Thirty Madison has the responsibility of holding their customers' most personal information. Keeping this highly sensitive data secure is mission critical to their business. A single breach could jeopardize their reputation and ruin their relationship with their customers. 

To ensure their customers and employees are secure, Thirty Madison brought on Anshuman Bhartiya to put in place a Product Security program that is capable of keeping up with the rapid growth of the company. In today’s episode, Anshuman joins Harshil to talk about the lessons learned as he built their Program Security program from scratch and the tactical advice he has for others who find themselves in a similar position. 

Topics:

• How to decide what problems and risks to prioritize when you are first building a product security program.
• Questions to ask executives and co-workers as you begin building your product security program. 
• How Security Guardrails can influence developers to build secure code from the beginning and how to actually make that happen. 
• Anshuman’s favorite Security Guardrail he’s implemented. 
• A lightweight approach to building and securing your SDLC. 
• #1 piece of advice for someone who is just beginning their product security journey.