Here is the presentation I delivered recently at an online SC Conference on Web Application Security.
This is the consolidation of my recent research (and practical experience) of creating AppSec teams.
I think this structure and focus would make a massive difference (if implemented) at a large number of companies (specially the AppSec Squad concept)
The video is available on demand here
