User-Focused Security
At the core of my security philosophy is the belief that technology exists to educate and empower. During my time at Netflix, I was committed to furthering this philosophy and implementing practical software embodying these principles. My work evolving the Stethoscope project exemplified this user-centric approach. What began as a web application transformed into a comprehensive ecosystem spanning native apps, browser extensions, and web platforms - all designed to give users clarity and control over their security posture.
Working on Netflix's incredible Information Security team provided deep exposure to Application Security, Endpoint Security, AuthN, AuthZ, MFA, Incident Response, and Threat Intelligence.
Some contributions that I am particularly proud of:
- Writing endpoint security and detection software that doesn't require admin privileges.
- Inspiring, consulting, and collaborating with leading security companies on zero trust.
- Being a strong advocate for privacy preservation and transparency in security tooling.
- Creating novel platforms for delivering relevant security information to users in the right place at the right time.
- Speaking about User Focused Security at prominent security events.
Industry Collaboration
While at Netflix, I discovered and responsibly disclosed 0-day vulnerabilities in critical frameworks like Electron and Apple's Gatekeeper. By working directly with the maintainers, my findings contributed to improved security for the wider community.
Solving complex security challenges requires teamwork that spans organizations. I've had the privilege of collaborating closely with leading companies like Google, Duo, Meta, Slack, and Spotify on cutting-edge security initiatives. These partnerships have tackled issues like endpoint management, device hygiene, and enabling users to play an active role in their security.
Additionally, I've advised numerous security startups and investors, providing strategic guidance in this rapidly evolving field.
Always Learning
Keeping users safe, educated and in control is my north star as I navigate the ever-changing security landscape.