The purpose of an application security team and the initiatives it should undertake are well understood these days. What’s less obvious is how to actually structure and assemble the team of professionals that will undertake these responsibilities.



It can be challenging to build a functioning AppSec team when it’s difficult to even find people with the right security skills. John Heasman, CISO at Chegg, focuses on three areas for creating an effective AppSec team, including:

Finding Talent

Structuring your Team—6 Personas to Consider

Partnering with Engineering