Being Powerful While Powerless - Elevating Security by Leading Without Authority

Discover strategies for elevating security within an organization as an individual contributor in this 44-minute LASCON conference talk. Learn how to leverage technical and non-technical approaches to exert soft power, build a secure foundation, and evangelize security across engineering and non-engineering teams. Explore methods for scaling security efforts through tool development, program implementation, and empowering others to prioritize security. Gain insights on thriving in a role as a solo security team member, including shifting left, writing code, automation, static code analysis, dependency management, and data gathering. Understand how to effectively collaborate with IT, product managers, developers, engineers, and infrastructure teams. Discover techniques for security education, conducting phishing campaigns, and utilizing screenshots to enhance awareness.

Introduction
Story Time
Shifting Left
Writing Code
Automation
Static Code Analysis
Dependency Management
Data Gathering
IT
Product Managers
Developers Engineers
Infrastructure
Life is great
Ask a favor
Security education
Phishing campaigns
Screenshots
Summary