Jason Haddix has had a distinguished 15-year career in cybersecurity, previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He is a hacker and bug hunter to the core and has authored many talks, speaking at cons such as BlackHat, RSA, and many more.

Jason joins us to discuss best practices learned from his experience running security champion programs, the layers of application security, and how to foster collaboration between development and security teams.

• Welcome to The Security Champions Podcast [0:15]
• AI Prevalence & Staying Secure [8:20]
• The Best Aspects of Security Champions Programs [16:23]
• The Methodology of Training Security Champions [27:01]
• Preventing Gaps Left by Security Tools [31:25]
• In-House vs. Contracted Pen-Testing [36:02]
• The Layers of AppSec [41:55]
• Bringing Development & Security Teams Together [50:52]

Episode Resources:

• Jason Haddix on the Critical Thinking Podcast
• Jason Haddix on the Darknet Diaries
• HackerOne Community Blog

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.

FOLLOW US to stay up-to-date with new content!

• Twitter (twitter.com/SecurityJourney)
• LinkedIn (linkedin.com/company/security-journey)
• YouTube (youtube.com/c/securityjourney)
• Online (securityjourney.com)
• CONTACT: hello@securityjourney.com