Today, I’m joined by Michael Novak, a seasoned Application Security Architect turned Technical Product Manager. At the time of this recording, he was still working hands-on in AppSec! Having started his career as a Java software engineer, Michael knows firsthand the challenges developers face when it comes to building secure applications.

Outside of his technical roles, Michael has created several educational games — most notably Byte Club, a strategic card game that turns complex cybersecurity concepts into fun, accessible learning experiences. He also gives back to the community by mentoring students in technology and cybersecurity through his work with NPower.

In today’s episode, we explore whether product security engineering should be a quality engineering, and why it needs to go even further as a true extension of technology. We dig into how security training has moved beyond fear-based tactics toward more engaging, integrated approaches—and ask what kind of timeline it takes to build genuine trust in security roles.

Dive right in!