Dana Epp

CEO

Vancouver, BC, Canada23 yrs 3 mos experience
Highly Stable

Key Highlights

  • Over 20 years as a Microsoft Developer Security MVP.
  • Led the development of a cloud security assessment tool.
  • Pioneered embedded security systems used by the Department of Defense.
Stackforce AI infers this person is a Cloud Security Architect with extensive experience in SaaS and embedded security solutions.

Contact

LinkedIn

Skills

Core Skills

Information SecurityApplication SecurityCloud ComputingIt ManagementLeadershipIdentity ManagementSecurity ArchitectureManaged ServicesEmbedded Systems

Other Skills

Active DirectoryAuthentication SystemsAuthorization SystemsAzureCISSPCisco TechnologiesCloud DevelopmentCloud SecurityComputer HardwareComputer SecurityData CenterDevSecOpsDisaster RecoveryEmbedded SecurityFirewalls

About

I’ve spent decades as a security architect that focuses on helping secure software, data and infrastructure. You might say I’ve been on and led Blue and Red Teams well before it was even a thing. I’ve built and sold several software companies focused on securing the ever changing landscape of IT, both on-premises and in the cloud. I’ve been the founder and CTO of small startups with a handful of developers all the way to managing teams with hundreds of developers from all around the world. Through all of that, what drives me is making sure information and information resources are kept secure. No matter what the size of the organization. Nor who is ultimately responsible for managing it. As a Microsoft Developer Security MVP for over 20 years, I spend a great deal of time on security (de)engineering in the cloud. Lately I’ve challenged myself to be more on Purple team, shifting more on my offensive tradecraft to help developers and IT administrators see the demonstrable impact of exploitation on vulnerabilities in their work. As the world of hybrid computing shifts more IT resources away from the office, its clear more effort is needed to educate both administrators and developers on how to build safe, decoupled systems in the cloud. I help people find and fix vulnerabilities in their apps and architecture before their adversaries do. It’s time we put thoughtfulness into the attitudes around development and administration in the cloud and I’m up for the challenge. Who else is walking this path? Let's connect.

Experience

Wildrook

Founder, CEO

Feb 2018Feb 2020 · 2 yrs · Vancouver, Canada Area

  • I led a team that architected an online security vulnerability and assessment tool for Azure applications and infrastructure. Having assessed almost a million Azure resources and finding security issues in over 73% of the engagements, it continues to be clear that cloud applications and infrastructure need help when it comes to security.
  • This vulnerability assessment tooling is now core to the consulting and application security engagements I do.
AzureVulnerability AssessmentCloud SecurityCloud ComputingInformation Security

Kaseya

2 roles

CTO

Aug 2015Feb 2018 · 2 yrs 6 mos

  • Chief Technology Officer responsible to help our team fundamentally transform the way IT management is performed in this ever connected world through the Kaseya platform.
IT ManagementTechnology TransformationLeadership

Principal Architect - Security, Identity and Access Management

Aug 2014Aug 2015 · 1 yr

  • I am responsible for the entire security, identity and access management fabric at Kaseya.
Security ManagementIdentity and Access ManagementInformation SecurityIdentity Management

Vulscan digital security

Security Engineer | Security Researcher

Jan 2003Present · 23 yrs 2 mos · Vancouver, British Columbia, Canada

  • I've spent decades helping companies find and fix vulnerabilities in their apps and infrastructure. One day I may be helping with a penetration test to find vulnerabilities in applications, and the next reviewing a threat model to help identify why security bugs fell through current software engineering processes.
  • I help to improve devsecop processes and build in application security testing (AST) into main pipelines for those businesses that care about their application security.
  • I make security (de)engineering fun. Especially for companies that are just starting to explore the creation of a 'purple team'.
Penetration TestingApplication SecurityDevSecOpsThreat ModelingInformation Security

Scorpion software corp.

Founder, CTO

Nov 2002Aug 2014 · 11 yrs 9 mos

  • I led the company in the architecture and delivery of a authentication and authorization system designed and built to support managed service providers. This included a two-factor authentication system, single sign-on (SSO) solution and password management system that all worked together to offer a seamless authN and authZ solution stack to help MSPs engage and connect with their customers securely. We were acquired by Kaseya and integrated into their entire tech stack.
Authentication SystemsAuthorization SystemsManaged ServicesSecurity Architecture

Netmaster digital security

President, CEO

Jan 1996Jan 2002 · 6 yrs

  • I led the engineering of one of the first embedded security systems on a chip and the hardening of a Linux embedded system called Gateway Guardian. This included working with Linus Torvalds to make our Linux subsystem to run headless with the Transmeta Crusoe processor for use in reprogrammable security devices in the field. This was used by the Department of Defense and NASA to help provide firewalling, secure VPN connectivity and intrusion prevention services in hostile environments.
Embedded SecurityLinux SecurityEmbedded SystemsInformation Security

Education

Canadian Forces School of Military Engineering

DeVry Institute of Technology

Electronic engineering; Computer Programming

University of the Fraser Valley

Stackforce found 100+ more professionals with Information Security & Application Security

Explore similar profiles based on matching skills and experience

Devesh Sharma

Devesh Sharma

Technical Lead

at Material

Agra, India7 yrs 2 mos exp
Cloud SecurityDevOps
Saksham Choudhary

Saksham Choudhary

Manager

at Hitesh Choudhary & Chai aur code @YT

Bengaluru, India8 yrs 3 mos exp
Start-up LeadershipBusiness Ownership
DB

Devesh B.

Director, Product and Software Security

at Adobe

Bengaluru, India18 yrs 6 mos exp
Dr Manoj Kumar

Dr Manoj Kumar

Assistant Professor

at Goa Institute of Management (GIM)

North Goa, India17 yrs 6 mos exp
Big DataCybersecurity
Nir Gaist

Nir Gaist

Founder and CEO

at Noetic

Dallas, United States28 yrs 3 mos exp
Ajay Verma

Ajay Verma

Senior Manager

at MobiKwik

Delhi, India11 yrs 11 mos exp
Cyber Risk ManagementApplication Security ArchitectureCloud SecurityPenetration TestingThreat Assessment
Prithvinder Singh

Prithvinder Singh

Sr. Manager CyberSecurity[M&A/JV’s/Partnerships]

at Grab

Singapore, Singapore15 yrs 9 mos exp
Parisa Tabriz

Parisa Tabriz

VP/GM, Chrome

at Google

Mountain View, United States19 yrs 5 mos exp
Security EngineeringEngineering ManagementApplication Security