How to make your security training fun? Think like a deviant

Secure code training is one of the first things Chief Technology Officer Rob Zuber asked me to handle when I started as CircleCI’s first security engineer a couple years ago. He wanted it to be fun. He wanted it to create tension in people’s chests. A few years earlier, he’d taken part in a security training event at Google. During an exercise at the event, he discovered a vulnerability that was wide open on his service. His heart started pounding as he raced to patch it. That