Brandon Martin leads the Security Measurement Team at NorthState Technology Solutions.  His team focuses on risk assessments and penetration tests that enable customers to benchmark and improve their security maturity and capability.  Through his experiences he earned certifications like the Offensive Security Certified Professional (OSCP), Certified Information System Security Professional (CISSP), Certified in Risk and Information Systems Controls (CRISC) and 6-Sigma Blackbelt.  Brandon performed roles in software engineering, project management, business analysis, penetration testing, and compliance consulting.  Before his current role he worked in heavy industry and banking. In his spare time Brandon enjoys writing code, spending time with family, and mentoring young people with his church’s youth program.

Was I Supposed to Mix the Security in Before I baked it?

Security practitioners advocate ideals through clichés and analogies to help others understand complex problems.  One prominent analogy espouses baking security into a solution instead of bolting security on at the end.  This seems like an obvious analogy – a baker certainly can’t add flour to a cake after it’s in the oven.  In business reality, time-to-market beats security every day of the week.  How can an architect bake security into solutions when the extra time could result in a failed venture?  This talk explores the realities of blending security into the design and implementation of solutions with a goal of realizing better is not the enemy of perfect.  Some implementations bolt on security beautifully; other design patterns prove impossible to correct.  Look forward to a meme-filled tour of architectures, design patterns, and lessons learned that will help security practitioners and business people identify if they’re cooking soup or baking cakes (…if that sounds like a mixed metaphor, don’t be late for supper).

Come and see Robert at RVAsec! Register now.