The Security Champions Podcast

EXPLORE

Society & Culture

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/7b/c4/54/7bc454cf-7ec6-057d-5daf-c3a87f85068e/mza_6992561359489398759.jpg/600x600bb.jpg

The Security Champions Podcast

Mike Burch

25 episodes

4 days ago

Mark McMillan has been building and leading Information Security Champions programs for over five years and has spent nearly a decade shaping cybersecurity culture at Rocket. He's passionate about creating programs that empower, not punish, and help people understand their role in keeping data secure. In this episode of The Security Champions Podcast, Mark shares his journey into the field and what he has learned about fostering engaging and supportive security programs. He contrasts the outd...

Show more...

All content for The Security Champions Podcast is the property of Mike Burch and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Mark McMillan has been building and leading Information Security Champions programs for over five years and has spent nearly a decade shaping cybersecurity culture at Rocket. He's passionate about creating programs that empower, not punish, and help people understand their role in keeping data secure. In this episode of The Security Champions Podcast, Mark shares his journey into the field and what he has learned about fostering engaging and supportive security programs. He contrasts the outd...

Show more...

Episodes (20/25)

The Security Champions Podcast

Mark McMillan - Leading with the Carrot: Building Security Culture, Not Just Compliance

Mark McMillan has been building and leading Information Security Champions programs for over five years and has spent nearly a decade shaping cybersecurity culture at Rocket. He's passionate about creating programs that empower, not punish, and help people understand their role in keeping data secure. In this episode of The Security Champions Podcast, Mark shares his journey into the field and what he has learned about fostering engaging and supportive security programs. He contrasts the outd...

4 days ago

43 minutes

The Security Champions Podcast

Dustin Lehr & Michael Burch - Security Champions Summit Recap

In this episode of The Security Champions Podcast, hosts Dustin Lehr and Michael Burch discuss the recent success of the first annual Security Champions Summit. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com. FOLLOW US to stay up-to-date with new content! LinkedIn (linkedin.com/company/security-journey) Instagram (https://www.instagram.com/securityjourney) YouTu...

3 weeks ago

43 minutes

The Security Champions Podcast

Ariel Shin - Beyond Breaking: From Pen Tester to Problem Solver

Ariel Shin is a Security Engineer at Stripe, specializing in threat modeling and proactively identifying and mitigating potential security risks. She is passionate about scaling application security while reducing engineering burdens and strives to create foundations that seamlessly integrate security practices into the development lifecycle. Ariel joined The Security Champions Podcast to share her journey from penetration testing to building scalable, developer-friendly security practices. ...

2 months ago

1 hour

The Security Champions Podcast

Eva Benn - Embracing Your Own Cybersecurity Identity

Eva Benn is a Principal Security Program Manager for the Microsoft Security and Response Center. She is deeply involved in the security community, having served/serving on the leadership boards of the OWASP Seattle Chapter, WiCyS Western Washington, ISACA Puget Sound Chapter, the EC Council CEH Advisory Board, and the GIAC Advisory Board. She is also a Co-Chair of the Microsoft Women in Security and Co-Founder of Women in Tech Global. Eva joined The Security Champions Podcast to discus...

3 months ago

1 hour 4 minutes

The Security Champions Podcast

Jacob Salassi - Developer Empathy: A Thoughtful Approach to Product Security

Jacob Salassi, former Director of Product Security at Snowflake, joined this episode of The Security Champions Podcast to share insights from his experience leading security transformation at scale. This episode explores the role of empathy in driving security engagement and how security teams can better align with engineering workflows. Jacob discusses the process of building the AppSec program at Snowflake, designing effective code review practices, and navigating organizational challenges....

4 months ago

1 hour 3 minutes

The Security Champions Podcast

David Kosorok - Mastering Application Security

David Kosorok, the Director of Information Security Programs at Toast, Inc., has over 25 years of experience in software and security testing - including more than 16 years dedicated to security. He’s led and scaled product security programs across organizations of all sizes, making him a trusted voice in the appsec space. In this episode of The Security Champion’s Podcast, David joined Dustin Lehr to share key insights from his new book ‘Mastering Application Security.’ They dive into ...

5 months ago

1 hour 2 minutes

The Security Champions Podcast

Dustin Lehr - Code, Culture, and Community

Dustin Lehr joined Security Journey as Director of Application Security Advocacy. With nearly two decades of experience as a software engineer, application architect, and cybersecurity leader, Dustin has ample expertise in the industry. In this episode of The Security Champions Podcast, Dustin joined to explore the interconnected roles of secure code, security-conscious culture, developer behavior, and the proper tooling. Discover practical insights on how to move beyond siloed approaches and...

6 months ago

1 hour 4 minutes

The Security Champions Podcast

Roger Grimes - Quantum Security

Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is the author of 15 books and over 1500 articles. He specializes in host security and preventing hacker and malware attacks. Roger is a frequent speaker at national computer security conferences and his presentations are fast-paced and full of useful facts and recommendations. This episode of The Security Champions Podcast explores the fascinating concepts of quantum mechanics and how they relate to cryptography. It explores ...

7 months ago

1 hour 1 minute

The Security Champions Podcast

Adam Bruehl - Secure Code in Medicine

Adam Bruehl, a Senior DevOps Engineer at Security Journey, has a unique blend of expertise ranging from biology to technology. In this episode, Adam dives into the intersection of cybersecurity and medical devices, pharmaceutical research, and patient data. Hear first-hand accounts of security incidents, ethical dilemmas, and the constant battle to balance cutting-edge technology with outdated protocols in an industry where the stakes are life and death. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~...

8 months ago

1 hour 2 minutes

The Security Champions Podcast

Michael Erquitt - The AI Threat Landscape

Michael Erquitt is a Senior Security Engineer at Security Journey who develops educational content for all of our learners.Michael joined the podcast to discuss the AI Threat Landscape. The discussion starts with the history of the AI threat landscape before moving on to the biggest AI security changes of 2025 and the future of AI and AI security. 0:05 Welcome to The Security Champions Podcast10:23 The History of the AI Threat Landscape16:41 Securing AI Compared to Other Technologies&nbs...

9 months ago

44 minutes

The Security Champions Podcast

Phillip Maddux - Deception Technology

Phillip Maddux is the founder of Deception Logic and a Staff Engineer on the Detection Engineering and Response Automation team at Compass. With close to two decades of experience in information and application security, Phillip's passion for honeypots led him to develop HoneyDB.io and his company, Deception Logic. In this episode of The Security Champions Podcast, Phillip explained the world of deception technology and its evolving role in cybersecurity. From high-fidelity honeyp...

11 months ago

42 minutes

The Security Champions Podcast

Irfaan Santoe - Security Champion Program Guide

Irfaan Santoe is the leader of the OWASP Netherlands chapter and the creator of the OWASP Security Champions Guide. He is passionate about scaling security in AppDev, DevOps, and Cloud and has helped numerous multinationals solve information security challenges. In this episode of The Security Champions Podcast, Irfaan walks through the Security Champion Program Guide. He shares the motivation behind the project, what makes this guide different, how security champions can affect real cha...

1 year ago

47 minutes

The Security Champions Podcast

Noah Morse - Security Journey Goes to Black Hat

Noah Morse is an application security engineer at Security Journey focused on building vulnerable sandboxes for our Break/Fix lessons that teach developers how to secure applications. Noah joined the podcast to share his experience attending Black Hat USA 2024. They cover some of the most popular topics from the conference, the talks that Noah attended and key takeaways to consider. Welcome to The Security Champions Podcast [0:25]AI/LLMs "That's How They're Supposed to Work" [6:24]T...

1 year ago

37 minutes

The Security Champions Podcast

Michael Bargury - Low-Code/No-Code Security

Michael Bargury is a security researcher passionate about all things related to cloud, SaaS and low-code security, and he spends his time finding the ways they could all go wrong. He is the co-founder and CTO of Zenity, where he helps companies secure their low-code/no-code apps and leads the OWASP No-Code/Low-Code Top 10 project.Michael joined the podcast to explain low-code/no-code solutions and discuss the best practices for optimizing security in the organizations that use them. ~~~~...

1 year ago

51 minutes

The Security Champions Podcast

Ahmad Sadeddin - Rewards and Risks of Using AI in Product Security

Ahmad is an entrepreneur with three successful ventures who is currently the CEO at Corgea. He led various products at Coupa after they acquired his previous venture, Riskopy. He built his current company due to frustration with the manual and inefficient processes companies take around security. Ahmad joined the podcast to discuss the use of AI in product security, offering insight into its positive and negative implications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Podcast sponsored b...

1 year ago

43 minutes

The Security Champions Podcast

The Year in Review - 2023 Highlights

Join Micheal Burch, host of The Security Champions Podcast, as he reminisces about the standout moments from this season's conversations, from unraveling the intricacies of elegant code to exploring the human side of coding.Welcome to The Security Champions Podcast [0:15] Clip 1 - What Can We Do For Our Security Champions? [18:30]Clip 2 - Elegant Code Leads to Better Security [26:25]Clip 3 - The Human Side of Security [31:22]Clip 4 - Gamification of Champions Programs [33:53]Clip 5 - Don...

1 year ago

1 hour 3 minutes

The Security Champions Podcast

Derek Fisher - The Application Security Handbook

Derek is a multifaceted professional with expertise in information security, serving as an author, leader, speaker, and university instructor. His commitment to enhancing information security has defined his career, steering high-performing cybersecurity teams and crafting strategic initiatives that effectively mitigate risks and safeguard sensitive data. He excels in uniting teams, implementing regulatory compliance systems, and establishing comprehensive enterprise security services to ensu...

2 years ago

51 minutes

The Security Champions Podcast

Tanya Janca - A Recipe for Security Champions

Tanya Janca, also known as SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Application Security' and founder of We Hack Purple. Tanya has been coding and working in IT for over 25 years, has won countless awards, and has been everywhere, from public service to tech giants, writing software, leading communities, founding companies, and 'securing all things'. Tanya joins the podcast to discuss the recipe for success for security champions programs. She touches on best pr...

2 years ago

1 hour 12 minutes

The Security Champions Podcast

Jason Haddix - The Hacker CISO

Jason Haddix has had a distinguished 15-year career in cybersecurity, previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He is a hacker and bug hunter to the core and has authored many talks, speaking at cons such as BlackHat, RSA, and many more. Jason joins us to discuss best practices learned from his experience running security champion programs, the layers of applicat...

2 years ago

55 minutes

The Security Champions Podcast

Ron Woerner - Security Mentorship

Ron Woerner, CISSP, CISM, is the President and Chief Security Officer at Cyber-AAA, plus a Senior Security and Risk Consultant for Forrester Research. With over 20 years of experience in IT and Security experience, Ron works with leaders worldwide to advise on security, compliance, and privacy.Ron joins to discuss how organizations should adapt tools and methodologies for their business' maturity, how to have impactful security champion mentors, and how security teams can successfully work wi...

2 years ago

51 minutes