Update SCN section (#150)
* update SCN section and sign

* Update docs/security-champion/1-new_security_champion.md

Co-authored-by: Andrea Brambilla <1792970+andreabrambilla@users.noreply.github.com>

* Update docs/security-champion/1-new_security_champion.md

Co-authored-by: Andrea Brambilla <1792970+andreabrambilla@users.noreply.github.com>

* Update docs/security-champion/2-security_champion_activities.md

Co-authored-by: Andrea Brambilla <1792970+andreabrambilla@users.noreply.github.com>

* Update docs/security-champion/3-faq.md

Co-authored-by: Andrea Brambilla <1792970+andreabrambilla@users.noreply.github.com>

* Update docs/security-champion/index.md

Co-authored-by: Andrea Brambilla <1792970+andreabrambilla@users.noreply.github.com>

* Update docs/security-champion/2-security_champion_activities.md

Co-authored-by: Andrea Brambilla <1792970+andreabrambilla@users.noreply.github.com>

* add azure to learning section

* Update docs/security-champion/7-about.md

Co-authored-by: Stein A Sivertsen <steinsiv@users.noreply.github.com>

* add changes based off feedback

---------

Co-authored-by: Andrea Brambilla <1792970+andreabrambilla@users.noreply.github.com>
Co-authored-by: Stein A Sivertsen <steinsiv@users.noreply.github.com>
3 people authored Jul 11, 2024
1 parent 002451f commit 1e46062
Showing 17 changed files with 248 additions and 261 deletions.
35 changes: 35 additions & 0 deletions docs/security-champion/1-new_security_champion.md
@@ -0,0 +1,35 @@
# I've joined, now what?

## Welcome young padawan

This is where the fun begins.

- Join the [#appsec](https://equinor.slack.com/archives/CMM6FSW5V) channel on Slack
- You will get an invitation to the [#security-champion](https://equinor.slack.com/archives/C036HGPBJ04) channel within a few days
- Check out our [activities](./2-security_champion_activities.md)
- Check out our [FAQ](./3-faq.md)

!!! question "Here's a puzzle for you :"
Get your gift by _decoding_ this challenge - <https://forms.microsoft.com/r/cLRPzRtPGQ>

## Add Security Champion events to your calendar

To check all events, and add them to your own calendar, go to your outlook calendar and select the Security Champion Calendar from group calendars:

![Security Champion Calendar](./add_SecurityChampions_calendar.png)

_Note: This option might not be available on Mac, if that is your case, another option is to use outlook through connectit to add the events._

You can also find a calendar of events on [SharePoint](https://statoilsrm.sharepoint.com/sites/securitychampion9)

## Relevant Slack channels

- [#Security-Champions](https://equinor.slack.com/archives/C036HGPBJ04): Your go-to channel for Security Champion events and information
- [#AppSec](https://equinor.slack.com/archives/CMM6FSW5V): Information regarding AppSec

!!! info
[#AppSec](https://equinor.slack.com/archives/CMM6FSW5V) Most general information should be posted here so everyone in Equinor has access to it and can participate! Dropping a ```@appsecteam``` in this channel will get our attention immediately.

## Relevant events

- Check out the [events section](./events/index.md) for the different events we have going on as well as our past events
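Review bot: the two channel lists in this file name the same Slack channels differently: the checklist at the top calls them `#appsec` and `#security-champion`, while the "Relevant Slack channels" list calls them `#AppSec` and `#Security-Champions`, although both point at the same archive URLs (`CMM6FSW5V` and `C036HGPBJ04`); pick one spelling so a reader can find the channel by name. In the info admonition, `Dropping a ```@appsecteam``` in this channel` wraps an inline code span in triple backticks; the inline form is single backticks, `@appsecteam`. Also check that the body lines under `!!! question` and `!!! info` are indented by four spaces in the file, as the admonition extension needs, since they appear unindented here, and drop the stray space in `"Here's a puzzle for you :"`.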
22 changes: 0 additions & 22 deletions docs/security-champion/1-welcome.md

This file was deleted.

162 changes: 0 additions & 162 deletions docs/security-champion/2-new_security_champion.md

This file was deleted.

Expand Up @@ -3,18 +3,27 @@

## Introduce yourself

Say hello in the [Security Champion channel](https://equinor.slack.com/archives/C036HGPBJ04) 👋 Always fun to meet new champions
Say hello in the [Security Champion channel](https://equinor.slack.com/archives/C036HGPBJ04) 👋 Always fun to meet new champions.

## Ensure that all your code is being scanned by SAST

Ensure all your projects code is scanned by Snyk, and that you have Snyk Code enabled for your projects. Using a linter is always good when you develop!

## Define [security requirements](../resources/security_requirements.md)

Have a look at our [security requirements](../resources/security_requirements.md) page and define some for your project
Have a look at our [security requirements](../resources/security_requirements.md) page and define some for your project.

## Check out our guidelines

We have created a few [guidelines](../guidelines/index.md). Please check them out and consider implementing them in your projects where it makes sense.

!!! info
Feedback is good, so if you have any, feel free to contact us, or even create a PR on our [github repo](https://github.com/equinor/appsec/)!

## Threat Modelling activities

We can organize introductory sessions to threat modelling, simply reach out to the `@appsecteam` on our Slack channel [#appsec](https://equinor.slack.com/archives/CMM6FSW5V).

- Facilitate a [threat modelling session](../threat-modeling/resources/threat_modelling.md) with your team - looking at the high level architecture of your system(s)
- Introduce "Abuser stories" for all your tasks (ex add it some template you are using for detailing tasks)

Expand All @@ -40,4 +49,4 @@ Just go to our github-repo and make a PR. Pro tip: You can use Visual Studio Cod

## Manually security test your application

Have a look at [WSTG](https://owasp.org/www-project-web-security-testing-guide/)
Have a look at [WSTG](https://owasp.org/www-project-web-security-testing-guide/).
21 changes: 18 additions & 3 deletions docs/security-champion/faq.md → docs/security-champion/3-faq.md
Expand Up @@ -16,18 +16,33 @@ It depends on what _you_ want to do. It can be everything from just informing th

No, but we highly recommend everyone on sharing. It might also be that you hear about a problem or solution from a team member or co-worker that can be shared. Asking questions is also contributing!

## I don't know anything that's worth sharing

Are you sure? Everyone knows something, and how you apply certain tools or how you've implemented security testing could be very interesting! The [Impostor syndrome](https://en.wikipedia.org/wiki/Impostor_syndrome) is real, and we need to combat it.

## I have a success story I want to share

Awesome! We want to hear about what you did. Reach out to the AppSec team on Slack. Maybe we will award this with unique merch as well?

Even if it was something "bad" you discovered in your project, why not share? It's important to highlight the issues we have as well as the good, as everything can be used to learn from.

## So I joined, what now?

Say hi in to your fellow Security Champions in [#security-champion](https://equinor.slack.com/archives/C036HGPBJ04), join the channel [#appsec](https://app.slack.com/client/T02JL00JU/CMM6FSW5V) for security related questions and updates.
Add the Morning Coffee to your calendar by downloading the calendar invite [here](https://statoilsrm.sharepoint.com/sites/securitychampion9).
Check out what you can do in the [activities](./2-security_champion_activities.md) section.

## I want to attend one of the Security Champion events / meetups. Do you provide a WBS for hours and travel expenses?

The Security Champion initiative is a network we invite IT professionals to join and share experiences. Members need to ask their project managers or line leaders for approval to travel and spend time on the network.

## I don't have enough time to spend on security related work

If you feel like the team do not get the needed time to work on security, please reach out to the AppSec team on Slack. We can help convey the importance and help highlight risk in your team.

## Can we have more Security Champions in our team?

We recommend each team to have 1-2 champions, and share their learnings with the rest of the team. Remember that it is the entire team that is responsible for the security of applications in the team's portfolio. The Security champions will support the team, but not bear any extended responsibility.
Ideally, each development team should have one or more team-members who takes on the role of Security Champion. If you are unsure if you have too many, don't hesitate in reaching out to ask.

Remember that it is the entire team that is responsible for the security of applications in the team's portfolio. The Security champions will support the team, but not bear any extended responsibility.

## How can sign up to become a Security Champion?

