The Security Champions Podcast
Automation, Generative AI, Shift Left - the world of application security is evolving fast, and so are the conversations that shape it.
Welcome to The Security Champions Podcast, the go-to resource for insights from the front lines of application security. The podcast is cohosted by Michael Burch, Director of Application Security for Security Journey, and Dustin Lehr, the Director of AppSec Advocacy. Each month, one of them shares a candid conversation with security leaders, engineering voices, and software experts.
From championing secure development practices to navigating real-world challenges in modern SDLCs, this show explores how teams are scaling appsec, strategy and culture.
New Episodes drop monthly, with even more security content at https://www.securityjourney.com/
Always remember: Security is a Journey, not a Destination.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This podcast is sponsored by Security Journey.
FOLLOW US to stay up-to-date with new content!
X (https://x.com/SecurityJourney)
LinkedIn (https://www.linkedin.com/company/7574213)
Instagram (https://www.instagram.com/securityjourney/?hl=en)
YouTube (https://www.youtube.com/@UCBVPnBCNcZqx_WAuCsV6BuA )
Online (securityjourney.com)
CONTACT: hello@securityjourney.com
Episodes
24 episodes
Dustin Lehr & Michael Burch - Security Champions Summit Recap
In this episode of The Security Champions Podcast, hosts Dustin Lehr and Michael Burch discuss the recent success of the first annual Security Champions Summit.
•
Season 3
•
Episode 9
•
43:56
Ariel Shin - Beyond Breaking: From Pen Tester to Problem Solver
Ariel Shin is a Security Engineer at Stripe, specializing in threat modeling and proactively identifying and mitigating potential security risks. She is passionate about scaling application security while reducing engineering burdens and strive...
•
Season 3
•
Episode 8
•
1:00:08
Eva Benn - Embracing Your Own Cybersecurity Identity
Eva Benn is a Principal Security Program Manager for the Microsoft Security and Response Center. She is deeply involved in the security community, having served/serving on the leadership boards of the OWASP Seattle Chapter, WiCyS Western Washin...
•
Season 3
•
Episode 7
•
1:04:53
Jacob Salassi - Developer Empathy: A Thoughtful Approach to Product Security
Jacob Salassi, former Director of Product Security at Snowflake, joined this episode of The Security Champions Podcast to share insights from his experience leading security transformation at scale.This episode explores the role of empat...
•
Season 3
•
Episode 6
•
1:03:24
David Kosorok - Mastering Application Security
David Kosorok, the Director of Information Security Programs at Toast, Inc., has over 25 years of experience in software and security testing - including more than 16 years dedicated to security. He’s led and scaled product security programs ac...
•
Season 3
•
Episode 5
•
1:02:58
Dustin Lehr - Code, Culture, and Community
Dustin Lehr joined Security Journey as Director of Application Security Advocacy. With nearly two decades of experience as a software engineer, application architect, and cybersecurity leader, Dustin has ample expertise in the industry.I...
•
Season 3
•
Episode 4
•
1:04:44
Roger Grimes - Quantum Security
Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is the author of 15 books and over 1500 articles. He specializes in host security and preventing hacker and malware attacks. Roger is a frequent speaker at national computer sec...
•
Season 3
•
Episode 3
•
1:01:22
Adam Bruehl - Secure Code in Medicine
Adam Bruehl, a Senior DevOps Engineer at Security Journey, has a unique blend of expertise ranging from biology to technology.In this episode, Adam dives into the intersection of cybersecurity and medical devices, pharmaceutical research...
•
Season 3
•
Episode 2
•
1:02:01
Michael Erquitt - The AI Threat Landscape
Michael Erquitt is a Senior Security Engineer at Security Journey who develops educational content for all of our learners.Michael joined the podcast to discuss the AI Threat Landscape. The discussion starts with the history of the AI t...
•
Season 3
•
Episode 1
•
44:06
Phillip Maddux - Deception Technology
Phillip Maddux is the founder of Deception Logic and a Staff Engineer on the Detection Engineering and Response Automation team at Compass. With close to two decades of experience in information and application security, Phillip's passion for h...
•
Season 2
•
Episode 5
•
42:09
Irfaan Santoe - Security Champion Program Guide
Irfaan Santoe is the leader of the OWASP Netherlands chapter and the creator of the OWASP Security Champions Guide. He is passionate about scaling security in AppDev, DevOps, and Cloud and has helped numerous multinationals solve information se...
•
Season 2
•
Episode 4
•
47:56
Noah Morse - Security Journey Goes to Black Hat
Noah Morse is an application security engineer at Security Journey focused on building vulnerable sandboxes for our Break/Fix lessons that teach developers how to secure applications. Noah joined the podcast to share his experience ...
•
Season 2
•
Episode 3
•
37:07
Michael Bargury - Low-Code/No-Code Security
Michael Bargury is a security researcher passionate about all things related to cloud, SaaS and low-code security, and he spends his time finding the ways they could all go wrong. He is the co-founder and CTO of Zenity, where he helps companies...
•
Season 2
•
Episode 2
•
51:31
Ahmad Sadeddin - Rewards and Risks of Using AI in Product Security
Ahmad is an entrepreneur with three successful ventures who is currently the CEO at Corgea. He led various products at Coupa after they acquired his previous venture, Riskopy. He built his current company due to frustration with the manual and ...
•
Season 2
•
Episode 1
•
43:36
The Year in Review - 2023 Highlights
Join Micheal Burch, host of The Security Champions Podcast, as he reminisces about the standout moments from this season's conversations, from unraveling the intricacies of elegant code to exploring the human side of coding.Welcome ...
•
Season 1
•
Episode 9
•
1:03:14
Derek Fisher - The Application Security Handbook
Derek is a multifaceted professional with expertise in information security, serving as an author, leader, speaker, and university instructor. His commitment to enhancing information security has defined his career, steering high-performing cyb...
•
Season 1
•
Episode 8
•
51:46
Tanya Janca - A Recipe for Security Champions
Tanya Janca, also known as SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Application Security' and founder of We Hack Purple. Tanya has been coding and working in IT for over 25 years, has won countless awards, and has been...
•
Season 1
•
Episode 7
•
1:12:48
Jason Haddix - The Hacker CISO
Jason Haddix has had a distinguished 15-year career in cybersecurity, previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He is...
•
Season 1
•
Episode 6
•
55:01
Ron Woerner - Security Mentorship
Ron Woerner, CISSP, CISM, is the President and Chief Security Officer at Cyber-AAA, plus a Senior Security and Risk Consultant for Forrester Research. With over 20 years of experience in IT and Security experience, Ron works with leaders worldw...
•
Season 1
•
Episode 5
•
51:22
Dustin Lehr - Fivetran Security Champions
Dustin Lehr is the Sr. Director of Platform Security at Fivetran & the Co-founder and Chief Solutions Officer at Katilyst Security. Before shifting into cybersecurity leadership, Dustin spent 13 years as a software engineer and application ...
•
Season 1
•
Episode 4
•
52:29
Ken Buckler - The Human Side of Secure Coding
Kenneth Buckler, CASP, is a research analyst of information security/risk and compliance management for Enterprise Management Associates, a technology industry analyst and consulting firm. With over 15 years of experience, Ken is an author on c...
•
Season 1
•
Episode 3
•
30:07
Tim Brown - SolarWinds CISO and the Elegance of Code
Tim Brown is the CISO of SolarWinds, responsible for overseeing the company's internal IT security, product security, and security strategy. With over 25 years of experience and 18 issued patents on security-related topics, Tim is a trusted adv...
•
50:03
Chris Romeo - The Security Champions Framework
Chris Romeo, AppSec expert and CEO of Kerr Ventures, joins to talk about The Security Champions Framework and the biggest mistake organizations make with security champion programs. Welcome to The Security Champions Podcast [0:...
•
Season 1
•
Episode 1
•
44:13