
Regina
Grogan

identity and security
I was one of the original inventors of autofill at Google. As a technology, this has now been integrated into every G product. Because it has now become so easy to pay, there have been security and privacy ramifications to my invention. Now, I seek to solve the aftereffects of making it incredibly easy to pay and login on different devices.

My security focus
I focus on account security, access controls, and authentication to help companies prevent data breaches and build user trust, while protecting customers from fraud and cybercrime. Proper identity and access management is crucial for software businesses to minimize incidents and risks. Your identity is who you are, and I've seen too many users with stolen identities, credentials, and funds.
My ethical Focus
Open Source Activism
Open source software is created inspected by the community, leading to more secure and higher quality code. Transparency is important for privacy and security, which affects users.
Bring ethics back to technology
To me, technology is rooted in making the world better. I do not stand for unethical practices that hurt users. I will never stand for practices that cause users harm.
Problem Solving
It seems that many recent technological innovations create more problems then they solve. That's why I believe that we have to be transparent and honest about solving problems in our field. When problems are pointed out, be responsible and make a fix.

about me
When I was a child, I was bullied for severe shyness. One day, myself and my four friends were dismissed for recess. Instead of going out, our teacher let us go with him to the computer lab. There, he had an Ubuntu Linux computer. This is how it began. For the following three years we would play with Linux instead of going outside. Fast forward to today, all 4 of us are now working in Silicon Valley.
IAM as a security focus
Identity and Access Management
I am skilled at identity and access: onboarding/offboarding and implementing self-service portals that increase security and productivity. Enforce and abide by zero-trust and least privilege access and maintaining regulatory compliance.
Authentication
Skilled in omni-channel authentication strategies encompassing MFA, SSO, OAuth. Deep hands-on expertise implementing sign-in/sign-up flows using industry standard protocols and protecting clients.
Security By Design
Champion of security by design principles; adept at balancing usability, risk management and compliance throughout product lifecycle.

Vulnerability discovery
Testing & Validation
Testing with a focus on login and account hijacking
I have responsibly uncovered critical login and session management flaws impacting over 16 top US banks and top tech companies. Expertise in authorization bypass and logical flaws in multi-factor & single sign-on flows.
Payments
Collaborates closely with banks to remediate issues and advise on securing critical payments infrastructure against account hijacking. Passionate banking and fintech leader raising the bar in application security.​
