DevGuild Enterprise Security


NOVEMBER 14TH, 2019 | 1PM – 5:30PM

In order to sell your developer product to the enterprise, you need to show that your team, code, and processes are secure. Join 150 founders, CISOs, security engineers, and product owners as we discuss the right approach to enterprise security.


DevGuild: Enterprise Security is a half-day conference for founders, CISOs, security engineers, and product owners who build, secure, and sell developer tools for the enterprise.

Through a combination of keynote sessions, case studies, and panels, we’ll guide you through the distinct challenges developer companies face as they secure their products and their teams for enterprise deployments. Hear real stories from seasoned enterprise security leaders and developer startup founders, and leave with a clear framework for securing your own product for enterprise success.

Past DevGuild speakers include leaders from PagerDuty, Twilio, MuleSoft, GitLab, HashiCorp, and Auth0.

To suggest topics, join the DevGuild Slack Team or email


Adrian Ludwig
CISO, Atlassian

Coleen Coolidge
CISO, Segment

Maarten Van Horenbeeck
CISO, Zendesk

Patrick Coughlin
Co-Founder and CEO, TruSTAR

Talha Tariq
VP and CSO, HashiCorp

Joel Fulton
CISO, Splunk

Harshil Parikh
Head of Security, Medallia

Lisa Hall
Director of Information Security, PagerDuty

Heather Rivers
CTO, Mode

Lisa Hawke
VP of Security and Compliance, Everlaw

Oren Yunger
Investor, GGV Capital

Marzena Fuller
CISO, SignalFX

Justin McCarthy
Co-Founder and CTO, strongDM

Niall Browne
CSO, SCP Trust and Safety, Domo Inc.

Daed Latrope
Director of Security, Cisco Meraki

Shruti Gupta
Director of Engineering, Brex

Joe Ruscio
General Partner, Heavybit


Please note that this is a single track conference

1:00pm Opening Remarks

Security From The Start: Startup Security Basics

Learn the baseline security requirements expected from startups in 2019, an introduction to risk classification, and examples of the investments and tradeoffs founders make in designing for security.

Democratizing Security From The Top Down

As security trends away from a specialized art to a culture of ‘everyone does security’, identifying the threats that your company faces and communicating the importance of building securely to your team is critical to becoming a successful enterprise.

2:00pm Break

Essential Cloud Infrastructure Security

Building on a major cloud provider’s platform doesn’t make you secure. In this session we’ll cover the core tenets of modern cloud infrastructure security, including robust identity and access management, maintaining application security in multi- and shared-cloud environments, and data security at rest, in transit, and in backups.

The Anatomy Of A Modern Security Team

What are the responsibilities of modern security teams and how should you distribute these responsibilities from the start? Founders will learn how to approach security before hiring a dedicated professional, be exposed to the key traits of a great security leader, and understand the tenets of security org design. 

3:20pm Break

Passing Enterprise Security Reviews

This session will demystify the enterprise vendor risk assessment process, including identifying internal champions, navigating enterprise security orgs, and understanding the real needs of customers. We’ll also discuss when and how to work on security policies and compliance (SOC 2, ISO/IEC 27001, etc.), various cost to value considerations, who actually does the work, and the secondary benefits that certifications present to your startup.

Startup Survival: Disclosing Incidents from Routine to Breach

Security incidents are inevitable, the only thing you’re in complete control of is how you respond to them, and a well managed response can save your company from destruction. In this session we’ll explore the anatomy of an incident response through real-world case studies. 

4:30pm Break

Every IPO Needs a CISO

In this finale session we’ll explore the role of a CISO in your developer or enterprise software startup. This session seeks to answer common questions including when should founders plan to bring in a CISO, what their role at startups pre- and post-IPO is , and how they will increase your growth velocity and total valuation.


Heavybit is proud to partner with GGV Capital on DevGuild: Enterprise Security. Together, Heavybit and GGV Capital will elevate the default conversations that developer facing startups have about security and empower them to move into the enterprise.


Participation in our events and conferences requires and indicates understanding and acceptance of our conduct policy.


NOVEMBER 14TH, 2019 | 1PM – 5:30PM

2455 3RD ST, SAN FRANCISCO, CA 94107

Dogpatch WineWorks