{"id":13652900,"url":"https://github.com/c0rdis/security-champions-playbook","last_synced_at":"2025-04-23T03:31:40.580Z","repository":{"id":41280926,"uuid":"106377792","full_name":"c0rdis/security-champions-playbook","owner":"c0rdis","description":"Security Champions Playbook v 2.1","archived":false,"fork":false,"pushed_at":"2023-09-25T07:19:07.000Z","size":405,"stargazers_count":361,"open_issues_count":1,"forks_count":77,"subscribers_count":27,"default_branch":"master","last_synced_at":"2025-04-17T03:53:18.570Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/c0rdis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"Security Playbook/1. Identify teams.md","support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-10-10T06:35:38.000Z","updated_at":"2025-04-12T06:39:57.000Z","dependencies_parsed_at":"2024-01-16T12:55:40.347Z","dependency_job_id":null,"html_url":"https://github.com/c0rdis/security-champions-playbook","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/c0rdis%2Fsecurity-champions-playbook","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/c0rdis%2Fsecurity-champions-playbook/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/c0rdis%2Fsecurity-champions-playbook/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/c0rdis%2Fsecurity-champions-playbook/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/c0rdis","download_url":"https://codeload.github.com/c0rdis/security-champions-playbook/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250365647,"owners_count":21418720,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T02:01:03.821Z","updated_at":"2025-04-23T03:31:37.942Z","avatar_url":"https://github.com/c0rdis.png","language":null,"funding_links":[],"categories":["Training","Guidelines","Security Champions Programs","Others (1002)","Others"],"sub_categories":["Network Security"],"readme":"[![Mentioned in Awesome DevSecOps](https://awesome.re/mentioned-badge-flat.svg)](https://github.com/devsecops/awesome-devsecops#guidelines)\n\n# Intro\nSecurity Champions Playbook is a project started in preparation for the presentation [\"Security Champions 2.0\"](https://www.owasp.org/images/3/3c/OWASP_Bucharest_2017_Antukh.pdf) at OWASP Bucharest AppSec Conference 2017. It describes the main steps for fast establishment of a Security Champions program regardless of the company size and maturity of the existing security processes.\n\n\n# Who are the Security Champions?\nSecurity Champions are \"active members of a team that may help to make decisions about when to engage the Security Team\". They act as a core element of security assurance process within the product or service, and hold the role of the Single Point of Contact (SPOC) within the team.\n\n\n# What benefits do Champions bring to my company?\nMain advantages of having a team of Security Champions:\n* Scaling security through multiple teams\n* Engaging \"non-security\" folks\n* Establishing the security culture\n\n# Security Champions Playbook\nTo keep it simple, I've listed six easy-to-follow steps with clarifications for each step.\nChapters include general recommendations, links to known good sources as well as personal\nexperience. I will be happy to hear your feedback and update the playbook. Current version:\n\n### [1. Identify teams](Security%20Playbook/1.%20Identify%20teams.md)\n### [2. Define the role](Security%20Playbook/2.%20Define%20the%20role.md)\n### [3. Nominate Champions](Security%20Playbook/3.%20Nominate%20Champions.md)\n### [4. Set up communication channels](Security%20Playbook/4.%20Set%20up%20communication%20channels.md)\n### [5. Build solid knowledge base](Security%20Playbook/5.%20Build%20solid%20knowledge%20base.md)\n### [6. Maintain interest](Security%20Playbook/6.%20Maintain%20interest.md)\n\n---\n# Simplified diagram\n![alt text](assets/img/playbook.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fc0rdis%2Fsecurity-champions-playbook","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fc0rdis%2Fsecurity-champions-playbook","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fc0rdis%2Fsecurity-champions-playbook/lists"}