About Me
I’m Sean Herschmiller. I build and lead product teams in SaaS, AI, and mobile. In every major product role, baking security into the earliest conversations didn’t just cut risk—it fundamentally accelerated team velocity and customer satisfaction.
Secure-By-Design: Not a Slogan, an Operating Model
Security by design means building safety into your products from day one, rather than patching vulnerabilities after release. This practice has moved from cutting-edge to expected, especially in SaaS and AI, where even a single breach or misconfiguration can tank user trust and waste months of work.
It’s tempting to see security as a blocker—a process that slows down shipping. That’s a myth, born from reactive security’s habit of freezing teams with late-stage fixes. The truth is, security by design prevents delays, protects reputation, and turns fire drills into rare exceptions.
The Cost of Late Security
I’ve worked on teams where security was an afterthought. We’d ship fast, celebrate, and days later scramble when a pen test or a customer flagged a critical issue. Every late fix meant a context switch, technical debt, and risk to relationships. More than once, we spent a week firefighting instead of focusing on roadmap features. In one case, a late vulnerability led to contract negotiations stalling—and months of lost momentum.
Postmortem analyses always taught the same lesson. If we’d defined security requirements up front, run threat modeling and code reviews before demoing, almost every issue would have surfaced earlier—and been easier and cheaper to fix.
Embedded Security: A Practiced Mindset
When my teams adopted secure-by-design, we made concrete changes right from intake and planning:
- Early risk mapping: Our kick-off meetings included scenarios for abuse, privacy exposures, and service disruptions.
- Joint systems diagrams: Security, engineering, and product drew architecture together, spotting risks before code.
- Security requirements in PRDs: We wrote requirements for encryption, access controls, and safe error handling alongside features.
- Developer “pre-mortems”: Engineers named where they’d expect attackers to probe and planned mitigations.
- Automated vulnerability checks: We hooked scanners and static analyzers into CI/CD, so every commit got tested before merge.
This was true whether building SaaS platforms, AI agents, or mobile apps. Security wasn’t a wall—it was a handshake.
The Productivity Dividend
When security is part of the early process, three major productivity wins emerge:
1. Faster Cycle Times
Proactive vulnerability scanning and risk reviews mean fewer critical blockers appear late. When security is “shifted left,” teams merge code with confidence, feedback is actionable, and sprints keep momentum. We saw cycle times shrink by weeks in AI and SaaS projects after this shift. Shipping wasn’t just quicker—it was steadier. Incident rates plummeted.
2. Happier Customers, Lower Support Burden
Secure-by-design means fewer embarrassing bugs reach production. Customers feel safe using the product, support spends less time on escalations, and compliance audits are easier. I’ve seen customer trust turn into expansion revenue and low churn. In one SaaS product, embedding privacy and safety from design drove up adoption and slashed time spent handling escalated bugs.
3. Fewer Fire Drills, More Focus
Teams experience less burnout. Projects run on plan because late-stage breaches (which always require all-hands) are rare. Instead of fire drills, those hours go back into shipping features, improving UX, or building analytics. Over time, this psychological safety increases team retention and health.
The Human Side: Open Dialogue, Not Gatekeeping
Security by design only works when engineers, PMs, and security leads collaborate. I learned that embedding security conversations in retros and planning—letting everyone share and challenge mitigations—opened up real dialogue. Vulnerability isn’t a weakness, but an invitation to solve before issues scale.
A few rituals that helped:
- Open feedback loops: Engineers raised usability/security tradeoffs and PMs made real-time product calls.
- Security champions: One person per squad owned security conversations, so friction became accountability.
- Celebrate found vulnerabilities: We treated “good catches” as team wins, not failures.
Security in AI and Modern SaaS: Extra Challenges, Same Approach
Embedding security upfront is vital in AI. Models aren’t just software—they’re collections of data, weights, and hidden logic. Misconfigurations in prompt design or training sets are common attack vectors. We added steps to protect model files, enforce input validation, and log access at every layer.cisa+1
For SaaS and cloud-native, secure-by-design means using memory-safe languages, minimizing attack surfaces, and automating dependency checks. We locked down container configs, used role-based access, and tied audit logs to real enforcement actions.
Stories From the Field
On an AI-powered product, our initial model was vulnerable to prompt injection. By planning input validation and adversarial testing from week one, we caught dozens of corner cases, built visible guardrails for users, and prevented silent failures.
In mobile team launches, we added encryption and privilege separation early. Bug bashes included third-party security reviews, celebrating “red team” wins that improved product quality.
In SaaS, integrating security reviews into backlog grooming stopped bad features before launch and made “security debt” a known metric.
Practical Secure-By-Design Steps for Any Team
- Add security questions to early planning: How could this be abused? What data do we store and how is it protected?
- Define security requirements in every PRD: Don’t leave them for QA or compliance later.
- Collaborate on threat modeling: Invite security and engineering to draw attacker scenarios together.
- Automate vulnerability scans in CI/CD: Make every build a checkpoint for safe code.
- Train engineers and PMs continuously: Run short risk workshops, share recent exploit stories, and refresh best practices quarterly.
Overcoming Objections and Resistance
The biggest pushback I hear is, “Security slows us down.” The evidence is clear: fires caused by missed security cost far more time and money than early UX/security prototypes or code reviews. Teams that “shift left” see productivity, velocity, and morale all go up.
Another concern is complexity. Start small. Add one risk check, one automated scan, or one shared doc. Iterate like any product feature.
For teams worried about innovation, note that security reviews often spark creative ways to build safer (and sometimes more elegant) solutions.
Secure-By-Design Is Not Optional
Regulators and customers expect security as a default. Many standards now mandate secure-by-design (GDPR, ISO, PCI DSS), and future rounds of legislation will only raise the bar. Teams who wait risk falling behind, even as security becomes a differentiator.
Final Thoughts
Security is productivity’s partner, not enemy. Teams who bake in security from day one ship faster, support customers with confidence, and spend less time fighting fires.
If there’s a single lesson from my career across SaaS, mobile, and AI, it’s this: Prioritizing secure-by-design isn’t just the right thing—it’s the smart thing.
References
- CISA, Software Must Be Secure by Design, and Artificial Intelligence No Exception
- IBM, How to Embrace Secure by Design Principles While Adopting AI
- Forbes, Secure-By-Design In The AI And Cloud Era
- Veeam, What is Secure-by-Design Approach?
- Cambridge MC, Avoid Issues in Operations: Be More Secure By Design
- Jit.io, 8 SDLC Security Best Practices
- Wikipedia, Secure by Design
- Akto, AI-Powered Secure SDLC
- CISA, Secure by Design overview
- Security Compass, What is Security by Design
- InfoQ, Building Security into Engineering Workflows and Teams
- AgileBlue, Best Practices for Securing the SDLC
- Microsoft, Secure by Design Journey: One Year of Success
- Snyk, Best Practices for Using AI in the SDLC