I have been an independent consultant for the best part of two decades and I have had the pleasure to work at some great businesses - check out my LinkedIn to see who. About ten years ago I crashed into the DevOps movement and with my security background I like to claim I sparked off the DevSecOps movement (exaggeration). In reality, what I did was, I had a mid life crisis inspiration and started a community meetup called DevSecOps - London Gathering (back in September 2017). I was inspired by a conference called DevSecCon; thank you Francois for starting this great conference and indirectly kicking me to do something and allowing me to break out of my comfort zone. I have now moved on from the meet-up, but please continue to attend and provide feedback - I know the new organisers will love this.
So bringing this back to the present time. I am now, no longer an independent consultant and have recently joined a company called Veracode as a permie - I know, who would of guessed.
When you join any company you always come across a mix of pleasant people and a few peeps you do not gel with - that’s life. I must confess, I can be a difficult person to work with (my wife tells me this 😅).
Cliche: but after 100 days of being a Veracoder I have not meet anyone I do not like.
During my first month - actually my first week, I took part in the Sales Kick Off event held in Boston, USA. This was very daunting and welcoming at the sametime - all be it with the world opening back up from COVID and for most of us not having done any international travelling for 2 years. As part of this event, I co-presented with one of my colleague and delivered the talk to a couple hundred of Veracoders including the CEO - Sam King. She quietly sat at the back and I guess some of my frank comments compelled her to quiz us at the end.
My thoughts - MM you are now on her radar or hit list 🤪.
What happened next was amazing and my first ‘aha’ moment in Veracode. She wanted us to repeat the talk to some other folks in the company - turns out to be the Exec team. Sam made me feel that all thoughts and opinions are welcome in the company and should be shared to challenge the status quo. Amazing!!!
“We are committed to making progress together”
“We value each other”
As part of my new role, being a consultant/evangelist/advocate (take your pick), one of my challenges is to make sure my colleagues are better equipped with engaging with prospects and customers. This is not the technical aspect of the solution, my Solution Architect colleagues can handle that, but more about understanding our past - the evolution of both the security and development industry over the last decade or so - in order to appreciate the current challenges that businesses face, and therefore engage with context and empathy rather than just selling a product.
Buzzword bingo:
- shift left
- release faster
- cloud native
- devsecops
Afterall, we are here to enable companies to deliver business applications within their risk tolerance.
Here are some of the “crazy ideas” i initiated:
- I formed the Veracode Library. I managed to even get one of the authors to come in and sign the copies of their book. Thank you Glenn for doing this 👍🙏🤝.
- I have been running AMA sessions, have one to one meetings with individual and attend some team calls as a guest.
- I have encouraged them to socialise and mingle with peers outside of the company e.g. meetups and conferences. So if you meet some Veracoders in the wild than please talk to them - they are nice people, trust me I too am “a nice guy”.
“We help our customers change the world”
“We have a passion and committment for security”
The above are some of the internal activities, so what about the external stuff! Well, I have hosted private Hot Topic Gatherings where I invite three to four companies to discuss a topic that they each can relate to. The first, was title “The Modern Challenges of an AppSec Programme”.
This went down really well (I would say this 🤓). Here’s some feedback from one of the attendees that I received:
> I really liked talking amongst a smaller group rather than the meetup format which are good to learn from but tend to be broadcasted rather than holding conversations until the pub after where they aren’t so good anyway. Just wish I’d taken some notes on key ideas from others to try.
So, if you feel you have a hot topic to discuss with peers, please reach out to me and we can explore if I can faciliate this. The format of the event takes place in a private room, e.g. it has been held in the boardroom of the Veracode’s London office, but I can find other suitable places as well. I then kick off the event with the usual pleasantries and then I ask one of the company members to share their view and it spirals out from there. Although the event is run by me and hosted by Veracode it is not a pitching session - you are safe in my hands 😈.
In my short tenure, I have had the opportunity to attend two conferences: KubeCon EU and We Are Developers. These two events allowed me to appreciate, IRL, what people are currently passionate about as the attendees from each come from different technical backgrounds and the focuses are very different. The next conference I will be attending is taking place in London, DevOpsDays London - so please come and find me.
Naturally, as we start to venture out, statistically it was inevitable I would catch COVID. As always, these challenges happens at the most awkward of times, as I tested positive two days before I was meant to take my wife to the airport. Taking a taxi was the only choice for her, but my company looked after me and offered to take on this cost !!!. This very kind gesture melted me (yes I am very sentimental).
So if I can summarise my first “100 days at Veracode”, then I feel comfortable … publicly … saying … I am proud to be a Veracoder.
“We are proud to be Veracode”
The Veracode Way
You will have noticed a few quotes and these represents “The Veracode Way”, they are the guiding principles that we follow.
Here’s the complete list.
` We have a passion and committment for security `
` We help our customers change the world `
` We have big goals and expect big outcomes `
` We are committed to making progress together `
` We value each other ` ` We are proud to be Veracode `