Eva Sarafianou
eva.sarafianou@gmail.com

I'm a Product Security Engineer and a Security Leader with a deep interest in Open Source Security. I work at Mattermost as a Product Security Engineering Lead. Previously I was a Principal Product Security Engineer at Auth0/Okta. Passionate about creating secure applications, I'm dedicated to building a robust product security program and educating developers on security threats and best practices. I've previously shared her work and insights at BlackHat EU, Real World Crypto, and OWASP AppSec IL, among others.


Work Experience

        Product Security Engineering Lead (February 2023 - Present)

                     Principal Product Security Engineer (April 2022 - January 2023)

                    Staff Product Security Engineer (June 2021 - April 2022)

                    Senior Product Security Engineer (April 2020 - June 2021)

                   Product Security Engineer (August 2018 - April 2020)

                    Security Consultant

Certifications

             Offensive Security Web Expert (OSWE), 2020 (credential)

             AWS Certified Security - Specialty, 2021 (credential)

Public Speaking

Managing Vulnerabilities in Open Source Dependencies


FOSDEM 2025 - Brussles




Managing Vulnerabilities in Open Source Dependencies


Secure Open Source Software (SOSS) Community Day 2024 - Vienna




Lessons learned from helping scale a Product Security program from startup to acquisition


DevSecCon 2022




Threat Modeling in the "Shift Security Left" era


FTW Conf 2021 (International Women's Day) - Virtual




Security Facts and Fallacies about Browser Storage


OWASP AppSecIL 2020 - Virtual




Bring your questions about Product Security


Avocado Labs community hour 2020 - Virtual 2020




The Rupture API: Productizing TLS Attacks


Real World Crypto 2017 - New York




CTX: Eliminating BREACH with Context Hiding


Black Hat Europe 2016 - London




Automating cryptanalysis of HTTPS


BSides Athens 2016 - Athens, Greece