Prabhath Karanth
TripActions
Council Speaker
Council - 2022 Nov 30 Zscaler Virtual Council
Prabhath (PK) leads TripActions Security & Trust Org which is responsible for Product &
Platform Security, Detection & Response, Enterprise Sec and Security Architecture &
Engineering & GRC. His organizations core mission is to ensure Tripactions meets its security &
privacy obligations to its customers, investors, regulators, and employees.
PK is Senior security leader with 16+ years of leading global, cross-functional teams across
hyper-growth startups, fortune 100 and big 4 consulting firms. Prior to Tripactions, PK served as
a security leader in Adobe for 9+ years where he drove several initiatives to level up security &
privacy as Adobe reinvented itself in the cloud and grew from $30B to $300B business. Prior to
Adobe, PK was with PwC, advising fortune 100 companies on info sec & privacy strategy,
governance, operations & technologies. PK is active in the security community and advice
startups on product & business strategy, market positioning and to solve security and business
problems at scale. PK also mentors several professionals and presents in national and
international conferences on thought leadership topics. His educational background includes a
bachelor’s degree in electronics & communications engineering and holds CISA, CISSP, CIPT,
CDPSE, ISO 27001 Lead Implementor & PCI ISA certifications.
At TripActions my organization drives several defensive and offensive security disciplines and serves as the single voice for security both internally to employees and externally with customers.
Past:
- Served as a security leader at Adobe for 9+ years where I drove several security programs and initiatives to level up security as Adobe reinvented itself in the cloud to grow from $30B to $300B business
- Architect of Adobe common Controls Framework. Championed the implementation of CCF across all Adobe cloud products, services, platforms and operations. CCF became the backbone of Adobe’s security & trust strategy, opened up global GTM opportunities and enabled Adobe to achieve compliance with various worldwide cloud security and privacy certifications
- Built a SWAT team of secops engineers & security TPMs to enforce security & ops best practices at scale for multi cloud via a companywide repeatable program through security automation
- Global leadership role around security policies, automation and cloud security. Built a team of leaders who embraced an agile mindset, and deeply engaged with 500+ product teams to ensure controls are baked into the product and feature development roadmaps
Specialities:
i)Compliance Frameworks - PCI, SOC1/SOC2/SOC3, SOX 404, HITRUST, HIPAA, FedRAMP, GDPR, CCPA, NIST 800-53, ISO27001, ISO 27701, SSPA, ISO 22301, ISMAP, IRAP, CAIQ, SIG, UK Cyber essentials, Spanish ENS, FERPA etc.
ii)Security Maturity, Risk & Governance - NIST CSF, FAIR, ISO 27005, CMMI, COSO, COBIT, BSSIM, OpenSAMM
iii)Cloud Tech - AWS, Azure, GCP, Kubernetes, Hyper-Converged Infrastructure, CI/CD, Multi Cloud, Containers/Microservices Architecture, Cloud identity management
iv)Sec Ops/Eng - Web application security, cloud security, penetration testing, vulnerability scanning, threat hunting, Red/Blue/Purple teaming, enterprise security, Incident response/SOC, SOAR, Trust & Safety, shifting left security, EDR, email security, CSPM, encryption, authentication, authorization, access management, security architecture, disaster recovery, supply chain risk management etc.