There’s nothing like a global pandemic to test our acceptance of those who disagree with us. We’ve all had to make hard decisions about who to meet and not meet, helping us determine those who accept and respect our differences, and those who do not. #covid19 #coronavirus

Know what I love most about the infosec community? The collaboration. So many opportunities to share threat, incident, and strategy across companies, even those who compete. We are better together. Are you getting out there? #cybersecurity #infosec #informationsecurity

Building In Security At Agile Speed:

Dustin Lehr joins us to talk about the challenges developers face with security and so much more. Join in on the convo! hubs.ly/H0RZ_M10 #SecurityJourney #Devs #InfoSec #CyberSecurity #Tech #AppSec

Join me in a BrightTALK AppSec panel starting in a few minutes! brighttalk.com/webinar/applic… #cybersecurity #applicationsecurity #softwaresecurity

The point of security issue detection is not to continuously detect the same issues. The point is to learn from the findings and adjust your habits. If you’re not taking a proactive stance & focusing on prevention… you’re missing the point! #applicationsecurity #cybersecurity

Weigh-in encourages buy-in! When rolling out a change that affects others, try to include as many of them as reasonably possible in the process. The more they are part of it, the more likely they will be strong advocates when it’s released more broadly. #innovation #motivation

What is DevOps? emily freeman gives us the skinny at #GitHubUniverse. You dig? GitHubUniverse.com

Coming up in 30 minutes at 12 Noon Eastern today, Absolute AppSec welcomes Dustin Lehr! Join SeThLaW (l4wke) and Ken Johnson as the talk to Dustin here: youtube.com/watch?v=nEjD79…

Curious about the secrets to a successful Security Champions Program? Tune in to this awesome @Semgrep Community panel featuring yours truly, Chris Romeo, Dustin Lehr, Devin Rudnicki, and ray. Can't wait to hear what you think (comment below)! ✨ youtube.com/watch?v=nkzuUw…

We are continuing to refine the OWASP Global AppSec SF "Dev Day" plans and would love for you to be part of it! The sessions go beyond just talks and include other activities: open discussions, games, etc. Here's the CFP: tinyurl.com/owaspdevdaycfp

What do the developers think of your security program? Have you bothered to ask? Do you even want to know? 🤔 Join our global open discussion meetup next week to share your thoughts! meetup.com/lets-talk-soft…

Don't make the first time you meet someone because you need something. As a technologist, I've learned the best path to effective cybersecurity is through building relationships, not technology. #securitychampions #securityculture #securityawareness #softwaresecurity #appsec

OWASP Dev Day has been cancelled. 😞 This was created to focus on developers' perspective on security, but almost no one signed up. Before sharing my thoughts, what do YOU think happened here? #securitychampions #applicationsecurity #softwaresecurity #productsecurity

Did you know that security champions can boost your #OWASP #SAMM level-up efforts? Join me during OWASP Global AppSec SF on Sept 25th at SAMM User Day for my talk on this very topic! owaspsamm.org/user-day/secur… #appsec #applicationsecurity

I'll be speaking at both SAMM User Day (Sept 25th) and OWASP Global AppSec SF (Sept 27th) this week! Let me know if you're coming and please don't hesitate to come say hi! #securitychampions #securityculture #owasp #samm #applicationsecurity #productsecurity #softwaresecurity

Security champions are not the answer for your cybersecurity staff shortages. They are allies whose relationship can contribute uniquely to build security culture and reduce friction across your company. #securitychampions #applicationsecurity #productsecurity #softwaresecurity

I was invited to the Application Security Weekly Podcast last week to discuss the cancelling of #owasp Dev Day and how we can better reach developers with the security message. scmagazine.com/podcast-segmen… #applicationsecurity #productsecurity #softwaresecurity #securitychampions

After building strong relationships with your organization, "#startright" in your dev lifecycle by finding security risk in your current environment (prod), then "#shiftleft" toward proactive controls over time. #applicationsecurity #productsecurity #softwaresecurity #appsec

What's it like when cybersecurity folks dump all their vulnerabilities on to the developers? #cyberpagefault #proactivesecurity #productsecurity #applicationsecurity #softwaresecurity #securitychampions #securityawareness #securityculture