2025-08-05 –, Florentine E
In this talk, Ochaun Marshall leads you through a cheat code for product security that you can use no matter the size or maturity of your business. You will leave with a clearer understanding of the differences between Application Security, platform security, and product security; some new ways of thinking about "shift left"; and some tangible steps you can bring back to your team or org. Ochaun is a security engineer at Google Cloud
This is the presentation I wish I could have given to myself when I was a starting AppSec professional. Product Security is a larger domain and discipline in the universe of InfoSec. It spans everything from an http request to silicon hardware. It enumerates every multidimensional aspect of the product, through all phases of that product's lifespan.
Ochaun Marshall is a Product Security Engineer at Google Cloud. His focus is on Rapid Risk Assessments on Google Cloud products. In his day-to-day, he collaborates with engineers, security operators, and leadership to enable Google Cloud to grow securely. Everything he does is summed up in I code. I teach. I hack. His previous talks include, “Flex Seal your CI/CD pipeline”, “The OPSEC of Protesting”, and "The last log4j talk you ever need". He has spoken at numerous Bsides and DEF CON. He’ll be presenting for Bsides LV for the first time in 2025.