Welcome! My name is Keith Hoodlet; in case you couldn’t tell by the site name - my passion for technology resides at the intersection of Application Security and Software Development.
If you’re looking for information on what I do professionally, feel free to check out my LinkedIn profile. Likewise, if you’re interested in learning about the sort of trouble I’m getting up to, you can navigate to either my Mastodon or GitHub pages where I’m either talking about or working on various projects to help make software security easier for developers. You can also view some of the (usually off-topic) things I’m reading about over at Instapaper.
In terms of my past work, I was previously named as one of the world’s 50 Influential DevSecOps Professionals on Peerlyst (2019). I think that accolade is largely due to starting the Application Security Weekly podcast with Paul Asadoorian, where I acted as show host for episodes zero through fifty-five. As of writing this page, my name is still visible as
CO-HOST in the background logo for the show more than 135 episodes later.
In addition to the podcast, back in 2017 I re-launched the InfoSec Mentors Project with the help of my friend and mentor - Jimmy Vo. This site ran successfully for a little over 3 years before we archived the project in 2020. At the height of its usage, the project had over 500 users and connected more than 165 people to mentors in the field. Someday I may go back and revive the site again - albeit with a more robust framework next time.
Anyway, between kicking off the InfoSec Mentors Project and my final episode with the podcast I worked at security companies such as Rapid7 and Bugcrowd. After leaving Bugcrowd to start the Application Security / DevSecOps program at Thermo Fisher Scientific, I eventually went on to become a Top 100 Security Researcher and MVP on the Bugcrowd platform (2018). While I haven’t actively hunted for bug bounties in some time, I still somehow continue to receive invitations to private bug bounty programs.
Nowadays I spend most of my free time learning, thinking, discussing, and writing about complex problems. When I’m not doing that, I’m usually reading a book, cuddling with one of my two black cats, or traveling with my wife. As part of my travels I have delivered both talks and trainings globally on the topics of DevSecOps, Secure Software Development, Offensive Web Hacking, and Application Security - a trend I hope to continue for many years to come. Below you’ll find links to recordings for some of the talks I’ve had the pleasure to give.
Oh, and if you find my writing useful or interesting, you are always welcome to buy me a coffee (or tea). Thanks for stopping by; I hope you enjoy the content!
Keith // securingdev
- BSides Dublin (2022) - Speaker, “Security is a Feature” (v2)
- GitHub Universe (2020) - Speaker, “Security is a Feature” (v1)
- DerbyCon 8.0 (2018) - Speaker, “Hacking the Tardis” (Mental Health & Wellness Village)
- OWASP AppSecDay Australia (2018) - Keynote Speaker, “We Broke the Build”
- InfoSec World Orlando (2018) - Speaker, “Attack Driven Development”
- HackFest Canada (2017) - Speaker, “Attack Driven Development”
- DerbyCon 7.0 (2017) - Trainer, “Offensive Web Hacking”
- DevSecCon Boston (2017) - Speaker, “Attack Driven Development”
- BSides Boston (2017) - Conference Organizer & Panel Moderator, “Breaking into InfoSec”