Software Security Program Strategy

How should you approach rolling out a successful software security program? With what high-level focus should you start? What's the most effective order to introduce tools, training, threat modeling, a security champions program, and how do you account for the existing culture?

Come share your thoughts and ideas in our open discussion format. No presentations, no recordings, no vendor pitches... just a great chat with great people.