Wednesday Jul 20, 2022

EP9 - Mrityunjay Gautam: How Databricks Approaches Product Security

Databricks is responsible for massive amounts of data for more than 7,000 customers worldwide including more than 40% of the Fortune 500. This means security is mission critical and the stakes are incredibly high. To keep their customer data secure, Databricks has put major focus into building both their product security team and strategy. In January, their team had just two members and today, there are 11 with many additional roles ready to be filled. 

To learn more about how Databricks approaches product security, Harshil speaks with the person leading the companies efforts —  Mrityunjay Gautam, Databricks Global Head of Product Security.

Topics discussed in the episode: 

  • The difference between application security and product security. 
  • The skill matrix Mrityunjay uses in assessing skill sets of the people who join their product security team.
  • His recommendations on training programs and valuable resources for those starting their career in product security.
  • The three most common challenges in product security and how they can be overcome.  
  • Understanding the difference between product threat models and deployment threat models. 
  • How Databricks thinks about threat modeling given their incredibly complex environment. 
  • How Databricks built a highly engaged group of security champions.  
  • Strategies Databricks uses to cut down time spent on product security  processes and workflows. 

Resources mentioned: 

Technical books: https://nostarch.com/

Comments (0)

To leave or reply to comments, please download free Podbean or

No Comments

Copyright 2022 All rights reserved.

Podcast Powered By Podbean

Version: 20241125