Irfaan Santoe - Security Champion Program Guide
10/14/24 • 47 min
Irfaan Santoe is the leader of the OWASP Netherlands chapter and the creator of the OWASP Security Champions Guide. He is passionate about scaling security in AppDev, DevOps, and Cloud and has helped numerous multinationals solve information security challenges.
In this episode of The Security Champions Podcast, Irfaan walks through the Security Champion Program Guide. He shares the motivation behind the project, what makes this guide different, how security champions can affect real change, and more!
[0:05] Welcome to The Security Champions Podcast
[14:13] The Motivation Behind the OWASP Security Champions Guide
[18:02] How To Get Buy-In for a New OWASP Project
[21:28] Why the Champions Guide is Different
[28:26] How To Make Everyone a Security Champion
[32:49] Engineers are Part of the Security Team
[37:52] Facilitating Behavioral Change
[41:02] How Security Champions Bring the Community Together
Episode Resources:
- OWASP Security Champions Guide - https://owasp.org/www-project-security-champions-guidebook/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
- LinkedIn (linkedin.com/company/security-journey)
- Instagram (https://www.instagram.com/securityjourney)
- YouTube (youtube.com/c/securityjourney)
- Twitter (twitter.com/SecurityJourney)
- Online (securityjourney.com)
- CONTACT: [email protected]
Irfaan Santoe is the leader of the OWASP Netherlands chapter and the creator of the OWASP Security Champions Guide. He is passionate about scaling security in AppDev, DevOps, and Cloud and has helped numerous multinationals solve information security challenges.
In this episode of The Security Champions Podcast, Irfaan walks through the Security Champion Program Guide. He shares the motivation behind the project, what makes this guide different, how security champions can affect real change, and more!
[0:05] Welcome to The Security Champions Podcast
[14:13] The Motivation Behind the OWASP Security Champions Guide
[18:02] How To Get Buy-In for a New OWASP Project
[21:28] Why the Champions Guide is Different
[28:26] How To Make Everyone a Security Champion
[32:49] Engineers are Part of the Security Team
[37:52] Facilitating Behavioral Change
[41:02] How Security Champions Bring the Community Together
Episode Resources:
- OWASP Security Champions Guide - https://owasp.org/www-project-security-champions-guidebook/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
- LinkedIn (linkedin.com/company/security-journey)
- Instagram (https://www.instagram.com/securityjourney)
- YouTube (youtube.com/c/securityjourney)
- Twitter (twitter.com/SecurityJourney)
- Online (securityjourney.com)
- CONTACT: [email protected]
Previous Episode
Noah Morse - Security Journey Goes to Black Hat
Noah Morse is an application security engineer at Security Journey focused on building vulnerable sandboxes for our Break/Fix lessons that teach developers how to secure applications.
Noah joined the podcast to share his experience attending Black Hat USA 2024. They cover some of the most popular topics from the conference, the talks that Noah attended and key takeaways to consider.
- Welcome to The Security Champions Podcast [0:25]
- AI/LLMs "That's How They're Supposed to Work" [6:24]
- The Scary Long Game Social Engineering Attacks That Most of Us Would Fall For [10:15]
- Relationships Matter in Ransomware Gangs [14:17]
- Privacy Intrusion Techniques [20:20]
- Hackers in the Media [24:05]
- Quantum Computers [29:50]
- Ransomware Groups Have Better Security Than You [32:50]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
- LinkedIn (linkedin.com/company/security-journey)
- Instagram (https://www.instagram.com/securityjourney)
- YouTube (youtube.com/c/securityjourney)
- Twitter (twitter.com/SecurityJourney)
- Online (securityjourney.com)
- CONTACT: [email protected]
Next Episode
Phillip Maddux - Deception Technology
Phillip Maddux is the founder of Deception Logic and a Staff Engineer on the Detection Engineering and Response Automation team at Compass. With close to two decades of experience in information and application security, Phillip's passion for honeypots led him to develop HoneyDB.io and his company, Deception Logic.
In this episode of The Security Champions Podcast, Phillip explained the world of deception technology and its evolving role in cybersecurity. From high-fidelity honeypots to detecting insider threats, the conversation dives into how these tools can mislead attackers while protecting critical systems.
Podcast Chapters:
0:05 Welcome to the Security Champions Podcast
10:30 What is Deception Technology?
15:12 High-Fidelity Honeypots
21:07 Detecting Insider Threats
28:13 The Ethics of 'Poison'
32:30 AI's Space in Deception Technology
36:15 Deception in 5 Years
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Podcast sponsored by Security Journey, Secure Coding Training for Developers and Everyone in the SDLC. Learn more at securityjourney.com.
FOLLOW US to stay up-to-date with new content!
- LinkedIn (linkedin.com/company/security-journey)
- Instagram (https://www.instagram.com/securityjourney)
- YouTube (youtube.com/c/securityjourney)
- Twitter (twitter.com/SecurityJourney)
- Online (securityjourney.com)
- CONTACT: [email protected]
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/the-security-champions-podcast-306873/irfaan-santoe-security-champion-program-guide-76359905"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to irfaan santoe - security champion program guide on goodpods" style="width: 225px" /> </a>
Copy