The Security Champions Podcast

Automation, Generative AI, Shift Left - the world of application security is evolving fast! Security Journey introduces the newest go-to AppSec resource, The Security Champions Podcast, hosted by Director of Application Security Michael Burch.

Gain exclusive insight from software development leaders and security experts – from recounting their security champion journey to diving into the latest headlines in the AppSec world. Learn how to build, maintain and scale a successful software security program through expert guidance and real-world experiences.

New episodes are available every other week, along with more application security content at securityjourney.com. Always remember: Security is a Journey, not a Destination.

FOLLOW US to stay up-to-date!

Twitter (twitter.com/SecurityJourney)
LinkedIn (linkedin.com/company/security-journey)
YouTube (youtube.com/c/securityjourney)
Online (www.securityjourney.com)

CONTACT: hello@securityjourney.com

Episodes

June 4, 2025 62 mins

David Kosorok, the Director of Information Security Programs at Toast, Inc., has over 25 years of experience in software and security testing - including more than 16 years dedicated to security. He’s led and scaled product security programs across organizations of all sizes, making him a trusted voice in the appsec space. 

In this episode of The Security Champions Podcast, David joined Dustin Lehr to share key insights from his ne...


Dustin Lehr joined Security Journey as Director of Application Security Advocacy. With nearly two decades of experience as a software engineer, application architect, and cybersecurity leader, Dustin has ample expertise in the industry.

In this episode of The Security Champions Podcast, Dustin joined to explore the interconnected roles of secure code, security-conscious culture, developer behavior, and the proper tooling. Discover p...

April 2, 2025 61 mins

Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is the author of 15 books and over 1500 articles. He specializes in host security and preventing hacker and malware attacks. Roger is a frequent speaker at national computer security conferences and his presentations are fast-paced and full of useful facts and recommendations.

This episode of The Security Champions Podcast explores the fascinating concepts ...

February 20, 2025 62 mins

Adam Bruehl, a Senior DevOps Engineer at Security Journey, has a unique blend of expertise ranging from biology to technology.

In this episode, Adam dives into the intersection of cybersecurity and medical devices, pharmaceutical research, and patient data. Hear first-hand accounts of security incidents, ethical dilemmas, and the constant battle to balance cutting-edge technology with outdated protocols in an industry where the stak...

January 16, 2025 44 mins

Michael Erquitt is a Senior Security Engineer at Security Journey who develops educational content for all of our learners.

Michael joined the podcast to discuss the AI Threat Landscape. The discussion starts with the history of the AI threat landscape before moving on to the biggest AI security changes of 2025 and the future of AI and AI security. 

0:05 Welcome to The Security Champions Podcast
10:23 The Hist...

December 9, 2024 42 mins

Phillip Maddux is the founder of Deception Logic and a Staff Engineer on the Detection Engineering and Response Automation team at Compass. With close to two decades of experience in information and application security, Phillip's passion for honeypots led him to develop HoneyDB.io and his company, Deception Logic.   

In this episode of The Security Champions Podcast, Phillip explained the world of deception technolog...


Irfaan Santoe is the leader of the OWASP Netherlands chapter and the creator of the OWASP Security Champions Guide. He is passionate about scaling security in AppDev, DevOps, and Cloud and has helped numerous multinationals solve information security challenges. 

In this episode of The Security Champions Podcast, Irfaan walks through the Security Champion Program Guide. He shares the motivation behind the project, what makes this gu...


Noah Morse is an application security engineer at Security Journey focused on building vulnerable sandboxes for our Break/Fix lessons that teach developers how to secure applications. 

Noah joined the podcast to share his experience attending Black Hat USA 2024. They cover some of the most popular topics from the conference, the talks that Noah attended and key takeaways to consider. 

  • Welcome to The Security Champions Podcast [0:...

Michael Bargury is a security researcher passionate about all things related to cloud, SaaS and low-code security, and he spends his time finding the ways they could all go wrong. He is the co-founder and CTO of Zenity, where he helps companies secure their low-code/no-code apps and leads the OWASP No-Code/Low-Code Top 10 project.

Michael joined the podcast to explain low-code/no-code solutions and discuss the best practic...


Ahmad is an entrepreneur with three successful ventures who is currently the CEO at Corgea. He led various products at Coupa after they acquired his previous venture, Riskopy. He built his current company due to frustration with the manual and inefficient processes companies take around security. 

Ahmad joined the podcast to discuss the use of AI in product security, offering insight into its positive and negative implicat...

December 7, 2023 63 mins

Join Michael Burch, host of The Security Champions Podcast, as he reminisces about the standout moments from this season's conversations, from unraveling the intricacies of elegant code to exploring the human side of coding.

  • Welcome to The Security Champions Podcast [0:15]
  • Clip 1 - What Can We Do For Our Security Champions? [18:30]
  • Clip 2 - Elegant Code Leads to Better Security [26:25]
  • Clip 3 - The Human Side of Security [31:...

Derek is a multifaceted professional with expertise in information security, serving as an author, leader, speaker, and university instructor. His commitment to enhancing information security has defined his career, steering high-performing cybersecurity teams and crafting strategic initiatives that effectively mitigate risks and safeguard sensitive data. He excels in uniting teams, implementing regulatory compliance systems, and e...

September 21, 2023 72 mins

Tanya Janca, also known as SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Application Security' and founder of We Hack Purple. Tanya has been coding and working in IT for over 25 years, has won countless awards, and has been everywhere, from public service to tech giants, writing software, leading communities, founding companies, and 'securing all things'. 

Tanya joins the podcast to discuss t...

August 24, 2023 55 mins

Jason Haddix has had a distinguished 15-year career in cybersecurity, previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He is a hacker and bug hunter to the core and has authored many talks, speaking at cons such as BlackHat, RSA, and many more. 

Jason joins us to discuss best practices learned from his experience r...

July 27, 2023 51 mins

Ron Woerner, CISSP, CISM, is the President and Chief Security Officer at Cyber-AAA, plus a Senior Security and Risk Consultant for Forrester Research. With over 20 years of experience in IT and security, Ron works with leaders worldwide to advise on security, compliance, and privacy.

Ron joins to discuss how organizations should adapt tools and methodologies for their business' maturity, how to have impactful securit...


Dustin Lehr is the Sr. Director of Platform Security at Fivetran & the Co-founder and Chief Solutions Officer at Katilyst Security. Before shifting into cybersecurity leadership, Dustin spent 13 years as a software engineer and application architect in various industries. 

He joins us to discuss The Security Champion Program Success Guide and the inner workings of Fivetran's security champion program.

  • Welcome to The Secu...

Kenneth Buckler, CASP, is a research analyst of information security/risk and compliance management for Enterprise Management Associates, a technology industry analyst and consulting firm. With over 15 years of experience, Ken is an author on cybersecurity topics and has spent several years working for federal contractors in cybersecurity practitioner roles. 

Ken joins to discuss the human side of secure coding, the important elemen...


Tim Brown is the CISO of SolarWinds, responsible for overseeing the company's internal IT security, product security, and security strategy. With over 25 years of experience and 18 issued patents on security-related topics, Tim is a trusted advisor for business executives, AppSec leaders, and the White House.  

Tim joins to discuss the concept of elegant code and the impact elegant coding can have on an organization's secu...


Chris Romeo, AppSec expert and CEO of Kerr Ventures, joins to talk about The Security Champions Framework and the biggest mistake organizations make with security champion programs. 

  • Welcome to The Security Champions Podcast [0:10] 
  • Starting Cisco’s Security Champions Program [10:00] 
  • The Year of Security Champions [13:00] 
  • The Security Champions Framework [15:23] 
  • Biggest Security Champion Program Mistakes [26:00] 
  • Growing a Program...

Tune into our NEW show, The Security Champions Podcast, to hear conversations between appsec expert Mike Burch and leading software development and security professionals. 

Episodes will explore the latest news, trends, best practices, and technologies. The experts will share valuable insight and practical advice on building, maintaining, and scaling successful software security programs based on real-world guidance and experience. 

...
