When your startup is struggling to find its product-market fit, security is the last thing on your mind - and according to security expert Matt Spitz, that’s perfectly fine!

Matt is Vanta's Head of Engineering and he joins this week's episode of Dev Interrupted to  explain everything you ever wanted to know about startups and security.

Matt debunks the real security risks we face (think S3 buckets, not nation states), how to create a company culture that embraces security and when your startup needs to start caring about all this stuff.

Episode Highlights Include:

  • (2:06) Matt's career journey
  • (7:00) Why startups suck at security
  • (13:11) Sources of security risks (employees, vendors, S3 buckets)
  • (20:54) Nation states aren't the danger
  • (25:25) Creating a culture of security
  • (28:41) "Blameless culture of reflection"
  • (33:20) How to think about investing in security