Guest speaker Joe Sullivan (former Chief Security Officer of Uber, Facebook, Cloudflare) discusses security infrastructure and incident response at scale, drawing from his experience leading security teams at major tech platforms. The talk covers practical challenges in vulnerability management, implementing detection systems, and navigating the evolving regulatory landscape for tech companies.
Part of Stanford's CS153 course on Infrastructure at Scale, taught by Michael Abbott (ex-Apple/Twitter) and Anjney Midha (a16z, ex-Discord). The course examines real-world infrastructure challenges through guest lectures from experienced practitioners.
Course site: https://cs153.stanford.edu/
Course discord: https://discord.gg/z5G6XptjsA
Topics covered:
- Building and scaling bug bounty programs
- Security incident response for distributed systems
- Threat actor attribution techniques
- Infrastructure security monitoring
- Public-private sector collaboration
- Regulatory compliance for security teams
00:00 Introduction and Early Career
00:15 Transition to Cybersecurity
00:33 Corporate Journey: eBay, PayPal, Facebook, Uber, and Cloudflare
02:07 Government and Tech: A Complex Relationship
02:38 The Collision of Public and Private Sectors
08:52 The Uber Incident: A Deep Dive
22:43 Trial and Conviction
27:03 Life After Conviction: Advocacy and Non-Profit Work
36:39 Reflections on Cybersecurity and Government Regulation