Security often feels like a separate world, with security teams pushing policies while product and engineering teams race to ship. In fast moving Agile environments, that gap can turn into real risk. A Security Champions program gives you a practical way to bridge that gap by empowering people inside delivery teams to be the voice of security in everyday work.
Our December 2025 Agile103 session, “Security Champions,” is for Scrum Masters, Product Owners, engineers, and security partners who want to build a stronger security culture without slowing everything down.
What is a Security Champion, and why does it matter
OWASP describes Security Champions as people inside delivery teams who help connect everyday development decisions.
Snyk calls a security champion a developer who formally represents an engineering team, acting as a bridge to the security group and helping keep security top of mind.
Industry stories from GitLab and others show that champions programs are one of the most effective ways to scale DevSecOps, because they turn security from an external audit into a shared responsibility.
In this session, we take these ideas out of theory and into the reality of your Agile teams, backlogs, and pipelines.
How to stand up a practical Security Champions program
We will walk through simple steps you can adapt regardless of your current maturity, for example
-
Choosing pilot teams and nominating champions who are curious and respected, not just “the security person”
-
Defining a clear role, including how champions support threat modeling, secure code reviews, and dependency hygiene
-
Creating simple communication channels and a community of practice so champions are never isolated
OWASP Security Champions principles and guides from vendors like Security Compass and Invicti offer concrete patterns for vision, training, and recognition that we will reference in plain language.
Microsoft’s guidance on threat modeling also shows how champions can help teams weave security thinking into Agile and DevOps workflows.
You will leave with a starter charter and checklists that will be available afterward in the Agile103 Resources Library.
Join the December 2025 “Security Champions” session
If you want to move from one overworked security team to a network of security aware Agile teams, this session is for you.
Check dates and registration details on the Agile103 Event Calendar, review related DevSecOps content in the Agile103 Event Archive, and consider joining the Agile103 Community of Practice to keep learning with peers.
Share this event listing with your product, engineering, and security leaders, ask who your natural champions already are, and bring those names and questions into the session so we can turn them into a real program.