Technical Program Manager & Hacker
Bugcrowd
The best defense a security team can have is a strong offensive mindset. In order to do that, one must learn to think like a hacker. That is what I will be teaching: the ability to view your product and assets from an adversary's point of view.
This talk invites developers, tech leads, security specialists, CISOs and product managers to dive deep into the practice of viewing applications through the lens of an attacker. We will explore how adopting a hacker’s mindset can help application development and scaling by integrating security at its core.
Attendees will learn techniques to simulate real-world attacks on their systems and applications, uncovering vulnerabilities before they can be exploited maliciously. By dissecting case studies of common security pitfalls and successful hacks, this session will highlight proactive strategies and tools essential for building robust, secure applications. Key takeaways include frameworks for threat modeling, practical tips for code review processes tailored for security, and methods to foster a culture of security awareness within development teams.
Through this presentation, participants will not only gain insights into the mindset of a hacker but also acquire the skills necessary to anticipate, prevent, and mitigate potential security threats effectively. The goal is to transform the way builders and leaders think about product development and security, ensuring that the hacker mindset and practices become an intuitive part of the software development lifecycle.
Matthias “Matt” Held is a seasoned cybersecurity expert and technology leader with a career that started at the early age of 8. By 11, he was already teaching programming courses, and at 12, he contributed to digitizing a German newspaper, one of the first to go online in the country. A contributor to WordPress Core, Hosting, and Security, Matt has built a strong reputation in the tech community.
He is a frequent speaker at notable events, including TEDx, Chaos Computer Club, WordCamps, DachSec, code.talks, and the Merchant Risk Council, where he focuses on topics related to security and privacy.
As a freelancer, Matt has held leadership roles for global brands such as Nike, Bosch, National Geographic, Miele, Ford, Epic Games, and DB Schenker. In 2017, he co-founded Raidboxes, a Managed WordPress Hosting SaaS company, where he served as CTO. In 2021, Matt transitioned to Bugcrowd, where he currently serves as a Technical Program Manager while retaining his CISO role at Raidboxes.
Beyond his technical work, Matt is a prolific writer, contributing to various publications, including Wired, WPMUDEV, and TEDx. His expertise spans a range of fields from security and privacy to digital transformation and leadership, making him a respected figure in both the tech and cybersecurity industries.