Women in Security at Slack

Since its inception, Slack has fostered a culture of inclusion and diversity. The Security organization at Slack is a prime example of how women can thrive in the security space, transitioning to security from different backgrounds and expertises. With Slack’s strong commitment to diversity, it should not be a surprise that nearly a third of…

Suzanna Khatchatrian
12 min readintermediate
--
View Original

Overview

The article highlights the contributions and experiences of women in the security team at Slack, showcasing their diverse backgrounds and the company's commitment to inclusion and diversity. It details the roles of various team members and the innovative security practices being implemented to enhance product security.

What You'll Learn

1

How to implement secure-by-default services and libraries in product development

2

Why fostering a diverse security team enhances problem-solving capabilities

3

How to create effective security training programs for developers

Key Questions Answered

What initiatives does Slack have to support women in security roles?
Slack actively promotes diversity within its security team, with nearly a third of security employees identifying as women and over a third of security leadership being female. The company supports women through mentorship, training opportunities, and a culture that encourages internal mobility.
What are the main functions of Slack's Product Security team?
The Product Security team at Slack focuses on integrating security best practices into the product development lifecycle, conducting security reviews, managing penetration tests, and providing customized training for developers to ensure secure product delivery.
How does Slack's security team contribute to reducing security incidents?
By developing secure-by-default services and tools, such as the Image Processing Service and lib_crypto, Slack's security team has significantly reduced the volume of security incidents and improved overall engineering practices.

Key Statistics & Figures

Percentage of women in Slack's security team
nearly a third
This statistic highlights Slack's commitment to diversity within its security organization.
Percentage of women in security leadership at Slack
more than a third
This reflects the company's efforts to promote women into leadership roles within the security domain.

Technologies & Tools

Library
Lib_crypto
Designed to be misuse resistant for backend cryptographic needs.
Library
HTML Sanitizer
Protects against cross-site scripting attacks by sanitizing HTML.

Key Actionable Insights

1
Implementing secure-by-default libraries can significantly reduce vulnerabilities in your applications.
By prioritizing security in the development process, organizations can prevent common security issues before they arise, ultimately saving time and resources in the long run.
2
Encouraging diversity in technical teams leads to more innovative solutions.
Diverse teams bring varied perspectives that can enhance creativity and problem-solving, making it crucial for organizations to foster an inclusive environment.
3
Providing tailored training for developers can improve security awareness and practices.
By equipping developers with the necessary knowledge and tools, organizations can create a culture of security that permeates all levels of product development.

Related Concepts

Diversity In Tech
Security Best Practices
Women In Leadership