The Security Champions Podcast Mike Burch

Michael Bargury is a security researcher passionate about all things related to cloud, SaaS and low-code security, and he spends his time finding the ways they could all go wrong. He is the co-founder and CTO of Zenity, where he helps companies secure their low-code/no-code apps and leads the OWASP No-Code/Low-Code Top 10 project.

Michael joined the podcast to explain low-code/no-code solutions and discuss the best practices for optimizing security in the organizations that use them. 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
Twitter (twitter.com/SecurityJourney) LinkedIn (linkedin.com/company/security-journey) YouTube (youtube.com/c/securityjourney) Online (securityjourney.com) CONTACT: hello@securityjourney.com

Ahmad is an entrepreneur with three successful ventures who is currently the CEO at Corgea. He led various products at Coupa after they acquired his previous venture, Riskopy. He built his current company due to frustration with the manual and inefficient processes companies take around security. 

Ahmad joined the podcast to discuss the use of AI in product security, offering insight into its positive and negative implications. 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
Twitter (twitter.com/SecurityJourney) LinkedIn (linkedin.com/company/security-journey) YouTube (youtube.com/c/securityjourney) Online (securityjourney.com) CONTACT: hello@securityjourney.com

Join Micheal Burch, host of The Security Champions Podcast, as he reminisces about the standout moments from this season's conversations, from unraveling the intricacies of elegant code to exploring the human side of coding.
Welcome to The Security Champions Podcast [0:15] Clip 1 - What Can We Do For Our Security Champions? [18:30]Clip 2 - Elegant Code Leads to Better Security [26:25]Clip 3 - The Human Side of Security [31:22]Clip 4 - Gamification of Champions Programs [33:53]Clip 5 - Don't be 'The House of No' [39:25]Clip 6 - Baking Security into the Company Culture [46:09]Clip 7 - How to Keep Your Security Champions [51:35]Clip 8 - Bridging the Gap Between Security and Development [55:28]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
Twitter (twitter.com/SecurityJourney) LinkedIn (linkedin.com/company/security-journey) YouTube (youtube.com/c/securityjourney) Online (securityjourney.com) CONTACT: hello@securityjourney.com

Derek is a multifaceted professional with expertise in information security, serving as an author, leader, speaker, and university instructor. His commitment to enhancing information security has defined his career, steering high-performing cybersecurity teams and crafting strategic initiatives that effectively mitigate risks and safeguard sensitive data. He excels in uniting teams, implementing regulatory compliance systems, and establishing comprehensive enterprise security services to ensure organizations' secure digital landscape navigation.
Derek joined us to discuss the Application Security Program Handbook and how to run security champions programs effectively. 
Welcome to The Security Champions Podcast [0:15] The Application Security Program Handbook [12:00]The Conflict Between Development & Security [16:23]Create Guard Rails, Not Barriers [22:30]Leveraging Security Champions [28:02]Regulations Effect on Development Teams & Education [39:51]Tips & Tricks for Security Champions Programs [46:55] Episode Resources:
Application Security Program Handbook~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
Twitter (twitter.com/SecurityJourney) LinkedIn (linkedin.com/company/security-journey) YouTube (youtube.com/c/securityjourney) Online (securityjourney.com) CONTACT: hello@securityjourney.com

Tanya Janca, also known as SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Application Security' and founder of We Hack Purple. Tanya has been coding and working in IT for over 25 years, has won countless awards, and has been everywhere, from public service to tech giants, writing software, leading communities, founding companies, and 'securing all things'. 
Tanya joins the podcast to discuss the recipe for success for security champions programs. She touches on best practices for recruiting, engagement, education, recognition & rewards, and maintaining a champions program. 
Welcome to The Security Champions Podcast [0:15]Alice and Bob Learn Application Security [3:55]Why We Hack Purple? [9:10]The Recipe for Succes with Security Champions Programs [14:30]How to Engage Your Champions [25:50]What to Teach Security Champions [38:28]Recognition & Rewards to Drive Engagement [46:45]How to Maintain Your Security Champion Program [57:50]Collaboration Between Dev & Security [1:06:49] Episode Resources:
Alice & Bob Learn Application SecurityWe Hack Purple Podcast~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
Twitter (twitter.com/SecurityJourney) LinkedIn (linkedin.com/company/security-journey) YouTube (youtube.com/c/securityjourney) Online (securityjourney.com) CONTACT: hello@securityjourney.com

Jason Haddix has had a distinguished 15-year career in cybersecurity, previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He is a hacker and bug hunter to the core and has authored many talks, speaking at cons such as BlackHat, RSA, and many more. 
Jason joins us to discuss best practices learned from his experience running security champion programs, the layers of application security, and how to foster collaboration between development and security teams.  
Welcome to The Security Champions Podcast [0:15] AI Prevalence & Staying Secure [8:20]The Best Aspects of Security Champions Programs [16:23]The Methodology of Training Security Champions [27:01]Preventing Gaps Left by Security Tools [31:25]In-House vs. Contracted Pen-Testing [36:02]The Layers of AppSec [41:55]Bringing Development & Security Teams Together [50:52] Episode Resources:
Jason Haddix on the Critical Thinking PodcastJason Haddix on the Darknet Diaries HackerOne Community Blog~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
Twitter (twitter.com/SecurityJourney) LinkedIn (linkedin.com/company/security-journey) YouTube (youtube.com/c/securityjourney) Online (securityjourney.com) CONTACT: hello@securityjourney.com