Building and maintaining a security culture where employees make secure decisions, trust and collaborate effectively with the security team, and feel empowered rather than afraid is key to being a trusted brand that makes the internet safer. Each October, National Cybersecurity Awareness month gives us an opportunity to celebrate that effort.
At Auth0, we focus tremendous efforts on both our organizational culture and our security culture, since Security is at the core of what we do, and trust is one of our key principles. Throughout the year, we provide training tailored to each of our audiences, run multiple engagement programs, as well as context-specific awareness campaigns. So we can't miss the opportunity of celebrating October National Cybersecurity Awareness Month both internally and externally.
This year Auth0 is hosting several events for the community:
- Avocado Labs Online Talks:
- Look! There's a threat model in my DevOps. Alyssa Miller, Application Security Advocate - Snyk
- Trust: From Zero to Hero, Annybell Villarroel, Security Culture Manager - Auth0
- Social media content highlighting those who keep us safe, those who create the tools and features we need, those who make it safer for us.
- Content on the Death of the Corporate Network from Senior Director of Engineering Duncan Godfrey, securing Node.JS Senior Manager, Product Security Marcin Hoppe, advice from CSO Joan Pepin on setting up your own bug bounty program, and a guide to treating identity as the perimeter from Cybersecurity Researcher Kim Berry.
For our employees, we will have internal challenges and experts from our Security team as well as industry-leading guests will provide talks focused on a wide range of topics:
- OWASP Top 10: Jim Manico (@manicode), Founder & Secure Coding Instructor at Manicode Security, will come to give us a remote training session on OWASP Top 10
- Hacker mindset and Burp Suite Training: Katie Paxton-Fear (@insiderPhD), Ph.D. Student, Occasional Bug Bounty hunter & Educational CyberSecurity YouTuber, will teach us how to think like a hacker and how to use Burp Suite.
- Internal Bug Hunt Challenge: to encourage employees to safely find vulnerabilities in Auth0. High or Critical severity findings get added to our internal Hall of Fame, receive swag prizes, and get company wide recognition.
- Security Demo Day: this session walks employees through a vulnerability found in the platform and showcases discovery, exploitation, and remediation.
- Phishing Challenge: we run phishing campaigns on a regular basis. Now, we are reversing the roles, and employees will have the chance to phish our Security Culture Manager, who will also explain to them how to do it safely.
- InfoSec Career Panel: the path to infosec is varied within our team; in these sessions, we will talk about personal experiences, learning paths, skills requirements, and we will have a Q&A session.
At the end of the month, all employees that complete a series of goals will participate in a raffle for prizes.
At Auth0, we are passionate about providing secure access to everyone but not just anyone, and we believe that empowering our employees to have a strong security mindset in their personal and professional lives is key to achieve this goal.
We invite you to come to celebrate with us through our external events. Happy National Security Awareness Month!
About Auth0
Auth0 by Okta takes a modern approach to customer identity and enables organizations to provide secure access to any application, for any user. Auth0 is a highly customizable platform that is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.
About the author
Annybell Villarroel
Security Culture Manager