EMC Product Security Blog is authored by senior members of EMC’s Product Security Office with contributions from product security experts across the company. It discusses trends in product security assurance and shares EMC Product Security Office’s perspective on newsworthy topics. To learn more about EMC’s approach to product security, please visit www.EMC.com/security.
Eric Baize is the head of Product Security and Trusted Engineering at EMC Corporation. In his role, Mr. Baize leads EMC’s Product Security Office with company-wide responsibility for all aspects of product security including vulnerability response, security development lifecycle, implementation of common security technology, and supply chain risk management. He also oversees the definition of EMC’s security and integrity practices to protect engineering systems and product code.
Throughout his career, Mr. Baize has been passionate about building security into technology and processes. Since joining EMC in 2002, he played a central role in EMC’s evolution in security and was a founding member of the leadership team that drove EMC’s acquisition of RSA Security in 2006. He later led RSA’s strategy for cloud and virtualization. Prior to joining EMC, Mr. Baize held various positions for Groupe Bull in Europe and in the US.
Mr. Baize also serves as Chairman of the SAFECode board of directors and on the BSIMM board of advisors. He is a Certified Information Security Manager, holder of multiple U.S. patents, author of international security standards and a regular speaker at security conferences in the US and Europe.
Reeny Sondhi is Sr. Director, Product Security Engineering at EMC Corporation. She is responsible for driving the strategy and execution of EMC’s software security program including EMC’s Security Development Lifecycle, a company-wide initiative to build secure products. She also leads EMC’s common security engineering technologies and the EMC Product Security Response Center, which is responsible for managing and resolving security vulnerabilities in EMC products. Additionally, she has responsibility to lead the security certification strategy and program for EMC products.
Ms. Sondhi has a B.S. in Electronics & Telecommunications Engineering and a Master’s Degree in Business Administration. She regularly represents EMC’s software assurance practices at various industry conferences and is the EMC technical representative for SAFECode (www.safecode.org).
With 17+ years at EMC, Dan Reddy leads supply chain assurance in EMC’s Product Security Office where he has addressing product integrity since 2007. Dan also spent 15 years at New England Electric, an electric utility with nationally critical infrastructure.
He is a contributor to two SAFECode Software Supply Chain Integrity whitepapers and has been involved with the Open Group Trusted Technology Provider standard initiative since the beginning. He holds CISSP and CSSLP certificates. He has taught CS courses at Quinsigamond College in MA for 37 years. He is on the faculty co-teaching Federal IT Acquisition in the Cybersecurity Leadership program at the Smith graduate School of Business at University of Maryland.