Varun Sharma (StepSecurity)

Image for Varun Sharma (StepSecurity)

Overview

Varun Sharma is a renowned figure in the cybersecurity sector, primarily acknowledged as the founder and CEO of StepSecurity, a company dedicated to enhancing the security of CI/CD (Continuous Integration/Continuous Delivery) pipelines, particularly focusing on platforms like GitHub Actions. Before venturing into entrepreneurship, Sharma amassed considerable experience in the field of information security during his tenure at Microsoft, where he held pivotal roles, including Principal Security Software Engineering Manager. His career is marked by significant contributions to advancing security practices in the software development lifecycle, particularly in response to high-profile security incidents such as the SolarWinds breach.

Recent Developments

In recent years, Varun Sharma has been involved in several key initiatives and developments that have further solidified his reputation as an influential cybersecurity expert:

  • May 2024: StepSecurity, under Sharma's leadership, successfully secured $3 million in seed funding, which was primarily led by Runtime Ventures. This funding will further StepSecurity's mission to safeguard CI/CD environments and expand its reach to other platforms like GitLab CI, Harness, and Azure DevOps (GeekWire; FinSMEs).
  • 2023-2024: StepSecurity's "Harden Runner," a pivotal tool designed to secure CI/CD workflows, was prominently featured in "GitHub Actions in Action," a comprehensive book on orchestrating secure DevOps tasks. This endorsement underscores StepSecurity's commitment to providing innovative security solutions (LinkedIn).
  • 2023: Sharma played a crucial role in enhancing tools and policies at StepSecurity, focusing on capabilities like wildcard domain support in Block Mode to simplify egress policies and expand secure coding practices (Medium).
  • 2022: StepSecurity announced the general availability of its "Harden Runner" security agent, marking a significant milestone in its mission to secure CI/CD pipelines across industries.

Personal Information

AttributeInformation
Full NameVarun Sharma
BornNot publicly disclosed
NationalityIndian
OccupationCEO, Co-Founder, Security Expert
Known ForFounder of StepSecurity, Former Principal Security Software Engineering Manager at Microsoft
Net WorthNot publicly disclosed
EducationMSc in Information Security from Royal Holloway, University of London; Bachelor of Engineering in Computer Science from Savitribai Phule Pune University

Early Life and Education

Varun Sharma developed an early interest in technology, which paved the way for his future pursuits in computer science and cybersecurity. He completed his undergraduate education at Savitribai Phule Pune University, where he earned a Bachelor of Engineering in Computer Science. His profound interest in cybersecurity led him to pursue a Master of Science in Information Security from Royal Holloway, University of London, which he completed through a distance learning program between 2007 and 2010. These formative academic experiences built a strong foundation for his later work in the cybersecurity field, aligning his technical expertise with a strategic vision for securing software systems.

Career and Notable Achievements

Varun Sharma began his career at Infosys Technologies Ltd as a Technical Specialist before moving to Microsoft, where he occupied several key roles:

  • At Microsoft, he initially served as a Security Engineer in the ACE (Assessments, Consulting & Engineering) Team, where he honed his skills in addressing complex security challenges.
  • Rising through the ranks, he became a Senior Security Software Engineer and then a Principal Security Software Engineering Manager. Here, he led the Green Team to tackle systemic security concerns in Azure.
  • In 2021, drawing from these vast experiences, Sharma co-founded StepSecurity along with Ashish Kurmi, focusing on safeguarding CI/CD environments against supply chain attacks.
  • He notably won an All-India competition organized by Microsoft in 2006, the "Security Shootout Contest," which marked an early highlight in his illustrious career.

Current Work and Impact

Currently, Varun Sharma is dedicated to expanding the capabilities and impact of StepSecurity. His work involves pioneering security measures that protect against supply chain attacks, a growing concern in the realm of software development. StepSecurity's tools such as "Harden Runner" and "SecureWorkflows" are utilized by hundreds of open-source and enterprise projects globally, reinforcing security measures across software pipelines. Sharma's efforts continue to influence the cybersecurity landscape significantly, emphasizing proactive prevention strategies against the evolving threats targeting software infrastructures.

Conclusion

Varun Sharma exemplifies a blend of technical expertise and entrepreneurial spirit, positioned at the forefront of cybersecurity innovation. Through his leadership at StepSecurity, Sharma has been instrumental in addressing critical security vulnerabilities within CI/CD environments and advocating for broader adoption of secure coding practices. His ongoing contributions, marked by industry recognition and successful initiatives, reinforce his standing as a visionary in cybersecurity, with an enduring impact anticipated well into the future.

References

  1. GitHub - Varun Sharma
  2. LinkedIn - Varun Sharma
  3. StepSecurity Company Info
  4. Crunchbase - Varun Sharma
  5. FinSMEs - StepSecurity Funding Announcement
  6. GeekWire - StepSecurity Funding News
  7. Medium - Varun Sharma Publications