Overview
Discover how to build an effective security champions program in this 51-minute OWASP Foundation talk by Tanya Janca, CEO and Founder of We Hack Purple. Learn strategies for recruiting the right people, providing essential training, and fostering engagement to create security advocates within your organization. Explore methods for delegation, communication, and motivation to scale security efforts effectively. Gain insights on attracting talent, determining appropriate training content, and implementing recognition and reward systems. Understand the importance of continuous program development and access valuable resources for further learning. Master the recipe for success: recruit, engage, teach, recognize, reward, and maintain momentum in building an outstanding security champion program.
Syllabus
Intro
Who is Tanya
The problem
Scaling
Security Champion
Recipe
Recruiting
Engagement Software Developers
Meeting with Software Developers
What do we teach our Champions
Secure Coding Architecture Design
Policies
Tooling
Coaching
What Coaching Means
How to Do Coaching
Delegation
Not to Delegate
Recognition and Rewards
Importance of Recognition
How can we recognize them
Rewarding good behavior
Security gifts
Don't stop
Planning
Summary
Free Resources
Online Community
Books
Podcast
Strange people
Thank you
Taught by
OWASP Foundation