Jason Chan’s Post

Excellent advice from the fine folks at HITCH PARTNERS. The time commitments and potential conflicts of interest are why I avoided advising or VC involvement until I'd retired. Not that it can't be done properly and well while you're in the seat, but it's a potential minefield.

Folks - we are going live in a few hours - still time to join! Should be a fun discussion on cloud security and culture. And there may or may not be dad jokes.

Disappointed to announce that my friends Anindita, Jackie, and I are shutting down our roadside billboard business. In retrospect, things hadn't been going well for awhile. We just couldn't see the signs. #DadJokes #Humor #HappyThursday

Early on in my time at Netflix we made the public cloud core to our enterprise security strategy. We wanted our data in the cloud, not on servers we owned/managed in a data center we leased. Devices would be simple screens to access this data - disposable and interchangeable in the way you might replace your personal cell phone. Industry at large continues its migration to the cloud, but security-wise we often have a hard time letting go of what we are used to, especially with old standards like network and endpoint controls. Nowadays, of course, business happens in the browser. It’s where the bulk of enterprise access and productivity happens. And we have some amazing options to shift our strategy - enterprise browsers like Chrome Enterprise, Talon, and Island are examples - these browsers can help you make leaps and bounds over all kinds of security problems. And more recently, we are seeing cloud development environments like Google IDX totally upend one of the thorniest enterprise issues security teams have always had - how to secure developer workstations and environments. End-to-end development can now be done wholly in-browser. Incremental thinking generally leads to incremental progress - there are so many opportunities available now in the productivity and enterprise tools space that bring massive benefit to the enterprise and their security teams - we just have to be open to thinking differently and more expansively.

Still time to join the fun in Kauai next month!

Neat writeup on ClickHouse, a great company composed of many friends and former colleagues. I've enjoyed helping out as an advisor since the early days - they've got a really bright future. https://lnkd.in/gbB9BryF

Chatting with my friends at Permiso Security next week about cloud security, career growth, etc. Should be fun!

I am looking forward to this! I am rolling up a bunch of personal learnings from the last 15 years or so to provide my best current advice for "doing security" in high growth and velocity engineering environments. Lessons learned, how to prioritize, strategy and tactics - trying to be soup to nuts on this one.

I have never really liked all these hybrid words like DevOps, DevSecOps, etc. I know labels can help, but when we have no shared understanding or working definitions, buzzwords help no one. Join Travis and I in a couple of weeks to see if there might be a better way.