Articles by David Campbell

David Campbell is the Chief Security Officer at SendGrid. He is a veteran and visionary in the rapidly evolving field of cyber security. He has nearly two decades of experience providing realistic security assessment and business-focused remediation assistance to organizations ranging from startups to public companies.

Don’t Let Your Credentials Get Stolen on GitHub

API Keys 1

GitHub and other cloud-based source control systems are awesome, and they’re extremely popular with our customers. The ease with which you can collaborate with developers across the cube or around the world is unparalleled. However, as public source control platforms like GitHub have risen to prominence, blackhats have taken note. When developers accidentally publish their secret keys to GitHub, bad … Read more ›

Update on Security Incident and Additional Security Measures

SendGrid logo

What Happened On April 8, the SendGrid account of a Bitcoin-related customer was compromised and used to send phishing emails. We initially believed that this account takeover was an isolated incident and worked with our customer to help them recover control of their account and minimize the damage of the attack. After further investigation in collaboration with law enforcement and … Read more ›

End-to-End Email Encryption with S/MIME

Best Practices
email encryption

In our last post, we provided an overview on the differences between transport layer and end-to-end encryption. We also provided some options for performing end-to-end email encryption, namely S/MIME and PGP/GPG. In this post, we will provide step-by-step instructions for configuring S/MIME on OSX’s as well as the ubiquitous iOS that powers your iPhone, iPad, etc. S/MIME relies on … Read more ›

Paranoid Email: End-to-End Crypto Primer

Best Practices
email security

SendGrid recently announced support for TLS encryption for all the email we send as part of #ResetTheNet. While this is a huge step forward for stopping bulk surveillance (spying on everybody), it does little to stop targeted surveillance (spying on a particular person of interest). Bulk Targeted vs. Targeted Surveillance SMTP with TLS protects “data in motion,” meaning that when you submit … Read more ›

SendGrid and the Future of Email Security

SendGrid TLS

UPDATED: 5 June 2014, 16:00 MDT to reflect Hotmail’s new TLS support! Here at SendGrid, we get a lot of questions about email security. Recent revelations about widespread nation state dragnet surveillance have raised awareness about email security to new levels. We are excited to announce, that effective today, all email sent via SendGrid will utilize opportunistic encryption using TLS. … Read more ›