Time: 03:00 PM - 03:45 PM
This session will package all the insights (good, bad and ugly) we as Microsoft have accumulated in securing the software, hardware and services Microsoft employees procure and use to operate as a large enterprise. We will include Level 100 actionable tips to start on this journey, as well as 200 and 300 level insights for enterprises that are more advanced in this space. We will share our learnings from what we have done right and wrong running a large-scale Security Assurance Program for our internal Supply Chain, to help accelerate your own program with actionable insights. A few years ago, we moved away from questionnaire-based assessments of our suppliers. Every day, new security and compliance challenges are posed by emerging technologies like SaaS solutions, IoT and complex outsourcing.
Dharmesh leads the Security Assessments Consulting & Engineering team at Microsoft. He comes with 15+ years of experience in Information Security. He is passionate about working with business and engineering teams to help secure the applications in their DevOps lifecycle and performing secure design reviews, code reviews and penetration testing. Dharmesh also leads the team that manages software supply chain security at Microsoft and works closely with the High-Risk Environment Engineering team, helping the team design and build secure infrastructure for critical environments. Dharmesh has presented at many forums, such as NASSCOM and DSCI, on security topics like Threat Modeling, Effective Software Security Management, Security in Cloud, Data Privacy issues in Health, etc.
Neha leads the Supply Chain Security program and the security engineering team at Microsoft, which is responsible for securing High Risk Environments at Microsoft. Neha comes with 13+ years of solid experience in tech engineering and development and has led key programs. Prior to working with Microsoft, she worked with United Health Group, Accenture, HP & TCS. Microsoft, being a technology company and a cloud provider itself, is among the leading enterprises designing how one can secure critical infrastructure. Her team has deep knowledge and insights on how to design for secure infrastructure and build services around it to ensure secure access for administrators. Neha is passionate about both engineering and program management. She is a PMP and a Certified Function Point Specialist. She has taken a number of sessions on Data Architecture and Function Point Analysis and classroom training for CFPS.