Wednesday Jul 20, 2022
EP9 - Mrityunjay Gautam: How Databricks Approaches Product Security
Databricks is responsible for massive amounts of data for more than 7,000 customers worldwide including more than 40% of the Fortune 500. This means security is mission critical and the stakes are incredibly high. To keep their customer data secure, Databricks has put major focus into building both their product security team and strategy. In January, their team had just two members and today, there are 11 with many additional roles ready to be filled.
To learn more about how Databricks approaches product security, Harshil speaks with the person leading the companies efforts — Mrityunjay Gautam, Databricks Global Head of Product Security.
Topics discussed in the episode:
- The difference between application security and product security.
- The skill matrix Mrityunjay uses in assessing skill sets of the people who join their product security team.
- His recommendations on training programs and valuable resources for those starting their career in product security.
- The three most common challenges in product security and how they can be overcome.
- Understanding the difference between product threat models and deployment threat models.
- How Databricks thinks about threat modeling given their incredibly complex environment.
- How Databricks built a highly engaged group of security champions.
- Strategies Databricks uses to cut down time spent on product security processes and workflows.
Resources mentioned:
Technical books: https://nostarch.com/
Comments (0)
To leave or reply to comments, please download free Podbean or
No Comments
To leave or reply to comments,
please download free Podbean App.