1. IT’S LIKE APPSEC, BUT FOR STARTUPS
TWUBHUBBOOK
2. Originally from the bay, Brent spends his time doing all the fun things LA has to offer while he longs for the days when he can move back home. Finally has a twitter account.
a.k.a. @brentjo on GitHub, @gsmbj on twitter
Brent Johnson
TROJAN. BOUNTY TRIAGE EXPERT. BUSINESS LOGIC FLAWS ARE HIS FRIEND.
3. I like dog.
Twitter: @ndm
Neil “oreoshake” Matatall
ASPIRING PARK RANGER. DOES NOT LIKE COMPUTERS.
4. WHAT’S A TWUBHUBBOOK
Greenfield
In many disciplines a greenfield project is one that lacks constraints
imposed by prior work. The analogy is to that of construction on
greenfield land where there is no need to work within the constraints
of existing buildings or infrastructure - Wikipedia
5. WHAT’S A TWUBHUBBOOK CONT’D
Young application
Think pre-pre-pre-pre-pre-IPO.
6. WHAT’S A TWUBHUBBOOK CONT’D
Mature application
7. The Future: 2025
DAY ONE ON THE JOB
Oddly, the mannequin challenge is still even in 2025.
8. | Agree on acceptable technology
| Always stay current
| Review architecture
| Code review culture
12. BE IN THE BUSINESS OF PREVENTION
SECURITY DOES NOT HAVE TIME TO FIX OR FIND BUGS
28. The IPO
engineer = Twubhubbook.appsec_team.first;
engineer.company = BayArea.startups.next;
29. Further Reading
“STARTING UP SECURITY” - RYAN MCGEEHAN
https://medium.com/starting-up-security
“THE SAAS CTO SECURITY CHECKLIST” - SQREEN
http://cto-security-checklist.sqreen.io/