Chris Eng

Chris Eng Email and Phone Number

Limited Partner @ Runtime Ventures
Lexington, MA, US
Chris Eng's Location
Lexington, Massachusetts, United States, United States
About Chris Eng

Chris Eng is a seasoned technology executive, mentor, and advisor with over 25 years of experience in cybersecurity. As the Chief Research Officer and a founding team member at Veracode, he spearheaded all research efforts, including applied research and product security, while providing strategic guidance on product direction and M&A. During his tenure, Veracode grew from a seed-stage startup to a thriving business, culminating in multiple acquisitions between 2017 and 2022, most recently at a $2.5B valuation.Chris has been a key figure in shaping the software security market and driving advancements in security practices and methodologies. He is a sought-after speaker at industry events and serves on the review board for Black Hat USA, the security community's premier technical security conference. As a charter member of MITRE’s CWE Board, he actively contributes to the evolution of industry standards. His insights and expertise have been featured in major media outlets such as Bloomberg, Fox Business, and CBS.Before joining Veracode, Chris was a Principal Consultant and Technical Director at @stake (later acquired by Symantec), where he led high-impact security assessments for Fortune 100 companies, specializing in web applications, commercial software, and network infrastructure. He was instrumental in establishing @stake’s application penetration testing methodologies and later led Symantec’s global Attack and Penetration Center of Excellence.Earlier in his career, Chris worked as an Electrical Engineer for the U.S. Department of Defense, where he conducted vulnerability research and developed tools for the NSA Red Team to support penetration tests on government and military networks.(P.S. I'm notoriously bad with names and faces! If we’ve only met briefly, feel free to jog my memory in your connection request. Thanks in advance!)

Chris Eng's Current Company Details
Runtime Ventures

Runtime Ventures

View
Limited Partner
Lexington, MA, US
Chris Eng Work Experience Details
  • Runtime Ventures
    Limited Partner
    Runtime Ventures
    Lexington, Ma, Us
    View
  • Veracode
    Svp, Chief Research Officer
    Veracode Jan 2019 - Present
    Burlington, Massachusetts, Us
    • Scaled applied research and product security capabilities to meet the rapidly expanding needs of the business, without increasing headcount, contributing to a tripling of valuation and a $2.5B acquisition in 2022• Advocated for and drove implementation of a ”responsible AI” strategy for Veracode Fix, leveraging large language models (LLMs) alongside trusted code patches to deliver secure, reliable suggestions and enhance developer trust• Built a product incubation team responsible for exploring new capabilities from idea to proof-of-concept, with an emphasis on pragmatic applications of Machine Learning• Advised corporate development team on product strategy and led technical due diligence work streams for numerous M&A targets, both pre- and post-LOI• Contributed to cross-functional teams tasked with integrating acquired technologies into the product portfolio, including SourceClear (SCA), Jaroona (AI), Crashtest Security (DAST), and Longbow (ASPM)• Chaired the Product Security Incident Response Team (PSIRT), and served as a member of the Information Security Oversight Committee (ISOC) and the Information Security Assessment Team (ISAT)• Fielded print and television media inquiries as an official Veracode spokesperson• Briefed the Board of Directors cybersecurity committee quarterly on product security initiatives and metrics• Led security operations on an interim basis, overseeing vulnerability management, incident response, cloud architecture, security awareness, and tooling(Spin-off of Veracode to private equity, following Broadcom's acquisition of CA Technologies)
    View
  • Veracode
    Security Operations Lead (Interim)
    Veracode Feb 2020 - Aug 2020
    Burlington, Massachusetts, Us
    In addition to my primary role, led the security operations team while also screening and advising on potential CISO candidates.
    View
  • Black Hat
    Review Board Member And Track Lead
    Black Hat Feb 2018 - Present
    San Francisco, California, Us
    Curate program content for Black Hat USA. Track lead for SDL (2019), AppSec (2020, 2021), Application Security (2022), and AppSec Defense (2023, 2024).
    View
  • Runtime Ventures
    Limited Partner
    Runtime Ventures Oct 2024 - Present
    Runtime Ventures focuses on seed and pre-seed stage cybersecurity investments. We love to work with ambitious founders building the future of the secure enterprise. As operators, we've launched numerous successful security services, products, and companies. As investors and mentors, we've helped dozens of founders build great businesses with amazing potential.
    View
  • Underscore Vc
    Limited Partner
    Underscore Vc Nov 2023 - Present
    Boston, Ma, Us
    Underscore VC is an early-stage, Boston-based venture capital firm backing bold entrepreneurs with an aligned community designed to fit each startup's unique needs.
    View
  • Underscore Vc
    Core Partner
    Underscore Vc Jun 2017 - Present
    Boston, Ma, Us
    Underscore Core Community member serving as an advisor to Underscore portfolio companies.
    View
  • Hack.Diversity
    Mentor
    Hack.Diversity Dec 2023 - Present
    Boston, Massachusetts, Us
    Hack.Diversity is transforming the economy by breaking down barriers and building access for the next generation in tech. Through its nine-month program, Hack.Diversity partners with the fastest-growing technology teams to identify, develop, and equip high-performing talent to launch careers as software engineers, data analysts, and mechanical engineers. Founded in 2016, Hack.Diversity launched its New York City site in January 2023 after regional recognition for its impact generated in Boston.
    View
  • Mitre
    Charter Member, Cwe Board
    Mitre Jul 2020 - Present
    Mclean, Va, Us
    Set and promote the goals and objectives of the CWE/CAPEC Program to ensure ongoing adoption, coverage, and quality.
    View
  • Huntress
    Executive Advisor
    Huntress Aug 2020 - Feb 2021
    Columbia, Maryland, Us
    Huntress Labs provides managed detection and response services tailored for the 99%: small to medium-sized businesses (SMBs). Provided coaching on leadership development, strategic planning, and operational efficiency. Focused on refining board-level communication, aligning organizational structures, and driving long-term goals while improving team scalability, optimizing processes, fostering accountability, and supporting rapid growth and continuous improvement.
    View
  • Kaspersky
    Program Committee Member, Kaspersky Sas Conference
    Kaspersky Oct 2012 - Jun 2020
    Stadtkreis 1 Altstadt, Zurich, Ch
    Curate program content for Kaspersky Security Analyst Summit.
    View
  • Security Bsides Las Vegas
    Mentor/Coach
    Security Bsides Las Vegas May 2014 - Aug 2019
    Las Vegas, Nv, Us
    Mentor and speaking coach for first-time presenters at a global-scale event. Over a four-month period each year, provide guidance on technical content, speaking skills, slide design, and delivery, culminating in August at the annual BSides Las Vegas conference.
    View
  • Ca Technologies
    Vice President, Strategic Research
    Ca Technologies Apr 2017 - Dec 2018
    San Jose, California, Us
    • Led applied research and product security for the Veracode business unit, following CA Technologies' acquisiton of Veracode• Conducted technical due diligence for post-LOI M&A targets• Proposed and led an initiative to elevate CA Technology’s security brand via the creation of a Veracode Labs team tasked with speculative security research
    View
  • O'Reilly Media
    Program Committee Member, O'Reilly Security Conference
    O'Reilly Media Jan 2016 - Jan 2018
    Sebastopol, Ca, Us
    Curate program content for O'Reilly Security Conference. In 2018, this conference was disbanded and security content was absorbed into O'Reilly's Velocity conference.
    View
  • Veracode
    Vice President, Research
    Veracode May 2011 - Mar 2017
    Burlington, Massachusetts, Us
    • Responsible for delivering the security analysis capabilities of all Veracode products from pre-revenue to over $100M ARR at the time of acquisition by CA Technologies for $600M• Built a global, diverse applied research team with deep domain expertise in SAST, DAST, SCA, and mobile security, and knowledge of over 30 programming languages and hundreds of popular frameworks• Built a product security team, efficiently integrating security processes and tooling into the SDLC and partnering closely with engineering leadership through the evolution from waterfall to Agile Scrum to DevOps, SAFe, and beyond• Led a multi-year, data-driven scan accuracy initiative which achieved its goal of eliminating human review of scan results and reducing scan turnaround time from days to minutes• Advised executive leadership team on product strategy and messaging• Supported sales and service delivery as an SME and escalation point throughout the customer lifecycle• Attended and spoke at industry conferences, marketing roadshows, and executive events in aid of advancing software security practices• Served as an official spokesperson for print and television media inquiries• Conducted technical due diligence for post-LOI M&A targets
    View
  • Veracode
    Sr. Director, Security Research
    Veracode May 2007 - Apr 2011
    Burlington, Massachusetts, Us
    (see above)
    View
  • Veracode
    Director, Security Services
    Veracode Jul 2006 - Apr 2007
    Burlington, Massachusetts, Us
    • Contributed to the design and implementation of Veracode’s inaugural product offering, including definition and prioritization of SAST capabilities, CWE integration, flaw classification, application scoring, reporting, and user interface• Designed QA framework for regression testing SAST engine efficacy• Supported all phases of customer engagement, including pre-sales, onboarding, security analysis, report creation, results readout, and follow-up consultation• Hired, trained, managed, and mentored Security Analyst team
    View
  • Symantec
    Technical Manager
    Symantec Oct 2004 - Jul 2006
    San Jose, California, Us
    Via acquisition of @stake.• Managed Cambridge-based consulting team, including service delivery, project oversight, and staffing coordination• Supported end-to-end sales process as an SME for global advisory services, including business development, scoping, contract generation, bid approval, and project delivery• Designed, implemented, and maintained the Symantec Attack Center, a centralized, distributed scanning infrastructure for conducting network penetration tests and vulnerability assessments in a streamlined and reproducible manner• Designed, implemented, and maintained a web-based (J2EE) deliverable generation system with a centralized content knowledgebase, allowing consultants to collaborate efficiently and reducing project documentation time by half• Served as global facilitator for Symantec’s Attack and Penetration Center of Excellence, working with technical leads to continually revise service methodologies and delivery techniques to ensure currency and relevance, as well as engaging consultants worldwide to help them develop penetration testing services in their regions
    View
  • @Stake, Inc.
    Technical Director
    @Stake, Inc. Aug 2004 - Oct 2004
    See Symantec section above.
    View
  • @Stake, Inc.
    Principal Security Architect
    @Stake, Inc. Nov 2003 - Aug 2004
    Also see Symantec section above. • Led delivery of billable engagements, including web application penetration testing, network penetration testing, black-box product assessment, network vulnerability assessments, reverse engineering, and exploit development, routinely exceeding utilization targets• Led @stake’s Attack and Penetration Center of Excellence, responsible for developing internal methodologies and maintaining an internal knowledgebase of tools and techniques• Led development of WebProxy, an internal application testing tool that later became a commercial @stake product• Led a multi-month engagement to train the first in-house penetration testing team for a leading global financial services firm• Developed penetration testing tools, including multi-platform database reconnaissance tool and SQL Server brute force utility• Supported sales as an SME for @stake’s Eastern and Central regions
    View
  • @Stake, Inc.
    Senior Security Architect
    @Stake, Inc. Jul 2000 - Nov 2003
    View
  • National Security Agency
    Electrical Engineer
    National Security Agency Jun 1998 - Jun 2000
    Ft. Meade, Md, Us
    View

Chris Eng Education Details

  • University Of California, Berkeley
    University Of California, Berkeley
    Electrical Engineering And Computer Science

Frequently Asked Questions about Chris Eng

What company does Chris Eng work for?

Chris Eng works for Runtime Ventures

What is Chris Eng's role at the current company?

Chris Eng's current role is Limited Partner.

What schools did Chris Eng attend?

Chris Eng attended University Of California, Berkeley.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.