POPULARITY
26 episodes with we hack purple
2 episodes with we hack purple
2 episodes with we hack purple
2 episodes with we hack purple
2 episodes with we hack purple
In this episode, Host Ron Eddings catches up with longtime friend, Tanya Janka, Head of Education and Community at SemGrep and author of 'Alice and Bob Learn Application Security.' Tanya shares her experiences from working in the Canadian government to joining Microsoft and eventually founding WeHackPurple. Tanya talks about her new role at SemGrep, where she focuses on making application security education accessible, and the importance of building supportive communities in the tech industry. Impactful Moments: 00:00 - Welcome 01:20 - Introducing guest, Tanya Janca 03:09 - “IDK How to Make SemGrep Rules…” 0707 - Finding Shadow IT & Embezzlers 11:27 - Join Our Mastermind 12:09 - Becoming an AppSec Professional 15:22 - Elections CISO 18:00 - Speaking at Conferences 21:15 - Microsoft Calls Me One Day… 23:21 - Parting Ways; But Still Friends 24:30 - “Can You Train Our Devs?” 27:50 - Fairness Is Important 32:27 - Put Yourself Out There! Links: Connect with our guest, Tanya Janca: https://www.linkedin.com/in/tanya-janca/ Check out SemGrep Academy: https://academy.semgrep.dev/ We Hack Purple Podcast: https://wehackpurple.buzzsprout.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Tanya Janca (@shehackspurple on X) joins Ken Johnson (@cktricky) and Seth Law (@sethlaw) for a special episode of the Absolute AppSec podcast. Tanya is currently head of education and community at Semgrep, and is a prominent info security commenter and active contributor to improving the industry for everybody through helping spread values of diversity, inclusion and kindness. Tanya has had experience with a range of roles, startup founder, pentester, CISO, AppSec Engineer, and software developer, and she's worked at major industry landmarks such as Microsoft, Adobe, and Nokia. She is an award-winning public speaker, the founder of We Hack Purple (since acquired by Semgrep), an active blogger and streamer and has delivered hundreds of talks and trainings on 6 continents. Catch up with Tanya's multiple activities and initiatives at her website https://shehackspurple.ca
Colin Bell, Rob Cuddy and Kris Duer from HCL Software bring you another insightful application paranoia session.In this weeks episode our special guest is Tanya Janca who is helping the team discuss all things Security in the Devlopment space. Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security'. She is also the head of education and community at Semgrep! As the founder of We Hack Purple, Tanya is bringing her security training to Semgrep customers and beyond. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an Advisor for NordSec and Katilyst and the Founder of We Hack Purple, OWASP DevSlop, WoSECShe and the very popular #CyberMentoringMonday. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.
In this episode of Secure Networks, Michael chats with Tanya Janka, aka SheHacksPurple, head of education and community at Semgrep and founder of We Hack Purple. Tanya discusses her transition from developer to security expert, the real issues behind the cybersecurity skills gap, and strategies for employee retention. She also dives into the implications of emerging technologies on security practices and the balance between automation and human expertise. Don't miss these valuable insights.Visit Tanya's websites: ► We Hack Purple - [https://wehackpurple.com/] ► Semgrep - [https://semgrep.dev/]
A US mortgage company reveals major data breach. Updates from CISA. NSA provides guidance on SBOMs. MongoDB warns customers of a breach. BlackCat/ALPHV is still a market leader, but feeling competitive pressure. Reassessing the effects of Log4shell. The International Committee of the Red Cross calls for restraint in cyber warfare. Ransomware hits a cancer center. Ann Johnson, host of Microsoft Security's Afternoon Cyber Tea podcast goes beyond basics with her guest Tanya Janca, founder of WeHackPurple. And what can I do to make you take home this chatbot today? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Host of Microsoft Security's Afternoon Cyber Tea podcast, Ann Johnson, goes beyond basics with her guest Tanya Janca, founder of WeHackPurple. Ann's full discussion with Tanya can be heard here. You can catch Afternoon Cyber Tea every other Tuesday on your favorite podcast apps and the N2K Network. Selected Reading Mr. Cooper reveals breach exposed 14.6 million clients (Cybernews) Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment (CISA) NSA Issues Guidance on Incorporating SBOMs to Improve Cybersecurity (Security Week) MongoDB says customer data was exposed in a cyberattack (Bleeping Computer) ALPHV Targeting: Ransomware & Digital Extortion (ZeroFox) A Log4Shell Retrospective - Overblown and Exaggerated (VulnCheck) We call on States to stop turning a blind eye to the participation of civilian hackers in armed conflict (ICRC) Seattle cancer center confirms cyberattack after ransomware gang threats (The Record) What can I do to make you take home this chatbot today? (Mastodon) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
Tanya Janca, head of Community and Education at Semgrep and the founder of WeHackPurple, joins Ann on this week's episode of Afternoon Cyber Tea. Tanya brings over two decades of coding and IT experience, navigating diverse landscapes from startups to tech giants like Microsoft, Adobe, and Nokia. Tanya is not just a seasoned professional; she's also the acclaimed author of 'Alice and Bob Learn Application Security,' a groundbreaking book that goes beyond the fundamentals, delving into intricate subjects such as threat modeling and security testing. She is a dynamic force in the cybersecurity community, an award-winning public speaker, and an engaging streamer, sharing her expertise through hundreds of talks and training sessions spanning six continents. Ann and Tanya unravel the layers of Tanya's journey, shedding light on the ever-evolving landscape of application security and beyond. Resources: View Tanya Janca on LinkedIn View Ann Johnson on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.
In this episode, noteworthy guest Tanya Janca returns to discuss her recent ventures and her vision for the future of Application Security. She reflects on the significant changes she has observed since her career at Microsoft, before discussing her new role at Semgrep that recently acquired WeHackPurple. Tanya sheds light on her decision to partner […] The post Application Security Trends & Challenges with Tanya Janca appeared first on Shared Security Podcast.
Tanya Janca, also known as SheHacksPurple, joins the Application Security Podcast again to discuss secure coding, threat modeling, education, and other topics in the AppSec world. With a rich background spanning over 25 years in IT, coding, and championing cybersecurity, Tanya delves into the essence of secure coding.Tanya highlights the difference between teaching developers about vulnerabilities and teaching them the practices to avoid these vulnerabilities in the first place. Instead of focusing on issues like SQL injection, she emphasizes the importance of proactive measures like input validation and always using parameterized queries. She believes teaching developers how to build secure applications is more effective than merely pointing out vulnerabilities.She also explains the importance of a secure system development life cycle (SDLC). Software companies often state "We take your security seriously." Tanya believes the phrase should only be used by companies that have a secure SDLC in place. Without it, the phrase is rendered meaningless.Discussing the intersection of coding and threat modeling, Tanya shares personal anecdotes that underscore the need to view systems with a critical eye, always anticipating potential vulnerabilities and threats. She recounts her initial reactions during threat modeling sessions, where she is surprised by the myriad ways applications can be exploited.One of her most crucial takeaways for developers is the principle of distrust and verification. Tanya stresses that when writing code, developers should not trust any input or connection blindly. Everything received should be validated to ensure its integrity and safety. This practice, she believes, not only ensures the security of applications but also makes the lives of incident responders easier.Toward the end of the podcast, Tanya recommends This is How They Tell Me the World Ends," which offers a deep dive into the zero-day industry. She lauds the book for its meticulous research and compelling narrative. The episode wraps up with Tanya encouraging listeners to stay connected with her work and to anticipate her upcoming book.Links:Alice and Bob Learn Application Security by Tanya Janca https://www.wiley.com/en-us/Alice+and+Bob+Learn+Application+Security-p-9781119687405This is How They Tell Me the World Ends by Nicole Perlroth https://thisishowtheytellmetheworldends.com/WeHackPurple https://wehackpurple.com/FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tanya Janca of the group We Hack Purple, talks with Security Ledger host Paul Roberts about the biggest security mistakes that DevSecOps teams make, and application development's “tragedy of the commons,” as more and more development teams lean on open source code. The post Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesSickened by Software? Changing The Way We Talk About 0DaysGitGuardian’s HasMySecretLeaked Is HaveIBeenPwned for DevOpsAttacks on APIs demand a Security Re-Think
In episode 79 of the We Hack Purple Podcast host Tanya Janca spoke to Isabelle Mauny , Field CTO and founder of 42Crunch! Isabelle and Tanya met way back in 2018, at an API Security workshop in Britain, having no idea they would be friends for years to come! Isabelle is extremely passionate about securing APIs, and has volunteered for several different groups and projects in order to try to steer our industry in a more secure direction, including being president of the OpenAPI group and lending her skills to the OWASP DevSlop project to fix up our Pixi app.Together they discussed several of the challenges when creating secure APIs, including: BOLA (Broken Object Level Authorization), bots, all sorts of other broken authentication (not just object-level), verbose error messages, the fact that APIs are *not* invisible to hackers, and so much more. Isabelle covered how to have a positive security culture, and build out a DevSecOps program that includes API security, what the OpenAPI protocol is, and several inspiring customer success stories. We also talked about her free IDE Plugin that gives you a score out of 100 for security, and how Tanya's first try at it she only got a score somewhere in the 20's to start! Of course, we also talked about the OWASP API Security Top Ten, and how that helped bring the important of securing APIs into the mainstream, rather than an obscure thing only AppSec people like Isabelle and Tanya obsess over.Isabelle also spoke about a webinar she will be on July 13, Mastering Secure API Development with GitHub and 42Crunch, you can sign up here: https://42crunch.com/mastering-secure-api-development-with-github-and-42crunch/Get to know Isabelle:Isabelle Mauny, co-founder and Field CTO of 42Crunch, is a technologist at heart. She worked at IBM, WSO2 and Vordel across a variety of roles, helping large enterprises design and implement integration solutions. At 42Crunch, Isabelle manages customer POCs , partners integrations and product training. She is a frequent speaker at conferences and a published author. Isabelle is passionate about APIs and enjoys sharing her experience in podcasts such as this one :)Isabelle Links!https://tools.openapis.orghttps://42crunch.com/mastering-secure-api-development-with-github-and-42crunch/https://apisecurity.iohttps://github.com/isamauny/codemotion2023/blob/main/RuggedAPIs-Codemotion-2023.pdfhttps://42crunch.com/blog/Very special thanks to our sponsor, Semgrep!Semgrep Supply Chain's reachability analysis lets you ignore the 98% of false positives in open source vulnerabilities and quickly find and fix the 2% of issues that are actually reachable.Get Your Free Trial Here! Semgrep also makes a ludicrously fast static analysis tool They have a free and paid version of this tool, which uses an open-source engine, and offers additional community created ruleset!
How do you make the jump from ER nurse to SOC analyst? Alex Gatz did it, and he's sharing his insights and tips with the eXecutive Security podcast audience. Don't miss this fascinating discussion about making a bold career change, the power of LinkedIn, what a security researcher does, the benefits of working for a startup, and more.Alex Gatz is a senior security researcher at ThreatX. Previously, he worked as a data analyst and ER nurse at MidMichigan Health. Alex Gatz on LinkedIn: https://www.linkedin.com/in/alexgatz/ Stephen Semmelroth: https://www.linkedin.com/in/semmelroth/ We Hack Purple: https://www.linkedin.com/company/wehackpurple/
Host Paul Roberts speaks with Boyd Multerer, the CEO and founder of Kry10, which has made a secure OS for the Internet of Things. The post Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesBlack Hat: Colin O’Flynn On Hacking An Oven To Make It Stop LyingEpisode 250: Window Snyder of Thistle on Making IoT Security EasyEpisode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple
Tanya Janca, Founder of We Hack Purple, and Eric Sheridan, Chief Innovation Officer at Tromzo, join us for a special episode of the Future of Application Security Podcast. This episode was originally recorded as a LinkedIn Live on June 25, 2023. Tanya and Eric discuss how understanding the context in which applications operate is crucial for effective AppSec prioritization. You don't want to miss this insightful session to uncover how to choose AppSec priorities based on software supply chain security, code-to-cloud business context, and metrics. Let's empower organizations to strengthen their Application, Product, and Cloud Security practices and stay ahead of emerging threats. Topics discussed: The significance of software supply chain security and the importance of preventive controls that integrate security policies throughout the SDLC. How code to cloud business context emphasizes the need to consider various business models, ownership structures, and how they influence security requirements. Where leveraging metrics effectively can enhance an organization's AppSec posture and mitigate risks.
In episode 75 of the We Hack Purple Podcast, host Tanya Janca interviews Enno, a security researcher from Semgrep. They discussed all things static analysis, including; how do we come up with SAST rules, what's important to search for, important considerations when writing rules, testing rules before wider roll out, and writing rules specifically for Semgrep.We briefly got into The Official Docs, and content creation for both internal and external use, plus its importance when trying to scale your security efforts.Want more Enno?They can be found here!https://www.linkedin.com/in/enno-liu/https://www.youtube.com/@enncodedhttps://youtu.be/g_Yrp9_ZK2chttps://twitter.com/enncodedThe video by Enno that we discussed can be watched here!https://twitter.com/enncoded/status/1648908623152844801Very special thanks to our sponsor: Day of Shecurity! This annual event advocates for inclusion & diversification of gender in cybersecurity, AND it's very soon. Day one is May 18th (virtual) and day two is May 19th, in person in Redwood City, California, United States. Tickets are FREEEEEEEEE!View the agenda here: https://guides.dayofshecurity.com/view/314270378/If you're not sure, you can see videos from previous events here: https://www.youtube.com/c/DayofShecurity.Join We Hack Purple!Check out our brand new courses in We Hack Purple Academy. Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find us, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more!
In episode 71 of the We Hack Purple Podcast Host Tanya Janca speaks to the Ariel Shin from Twillio! Ariel does product security, and as you might imagine, Tanya had at least 100 questions for her. We discussed threat modelling, influence, persuasion and other communication skills needed to be an effective #AppSec person (or any security professional, for that matter). The conversation got really interesting as we dove into how to communicate with an executive, versus an engineer, versus a non-tech person, and how we can communicate and advocate for security (effectively) in the process. She talked about breaking down an argument into multiple pieces, to ensure you get the message across the best possible way. If you are someone who has struggled with convincing the rest of IT to patch or fix bugs, she breaks down how to do this in a way Tanya plans to adopt from now on. Take a listen at the links below! Ariel's Bio: Ariel Shin is a product security team lead at Twilio. Ariel started her career as a penetration tester, specializing in web and mobile security, before moving into the product security space. Ariel enjoys building relationships with developers through secure code reviews, threat modeling, security training, and vulnerability management. Currently, Ariel is working on rolling out and expanding Self-Service Threat Models for the Twilio Org. Ariel's Social Media: linkedin.com/in/arielshin/ Link to the great podcast episode Ariel spoke about: “Hacker Explains One Concept in 5 Levels of Difficulty” by WIRED Podcast, featuring Samy Kamkar. Very special thanks to our sponsor: Women's Society of Cyberjutsu! Women's Society of Cyberjutsu are hosting CYBERJUTSU CON 4.0 and the 10th Annual Cyberjutsu Awards on June 24, 2023!!! The Con will consist of Hands-on Workshops, Capture The Flag (CTF) Competitions, Professional Headshots, Recruiting Opportunities, Celebration, and more. Participants will walk away with hands-on knowledge that can be applied immediately on the job. You can check out the event here: https://womenscyberjutsu.org/page/CyberCon2023 FYI the call for papers is still OPEN! Apply here: https://www.papercall.io/cyberjutsucon2023 And the nominations for the Annual Cyberjutsu Awards are here: https://womenscyberjutsu.org/page/AWARDS2023 Join We Hack Purple! Check out our brand new courses in We Hack Purple Academy. Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find us, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more!
Tanya Janca, CEO and Founder of We Hack Purple, sits down to talk about her exciting path into the field of cybersecurity. Trying several different paths in high school, she soon found she was good at computer science. When it came to picking a college, she knew that was the field she wanted to get into. After college, she was able to use her skills to work at a couple of different organizations, eventually getting into the Canadian government. While there, she held the position of CISO for the Canadian election in 2015 when Justin Trudeau was elected, but she knew she wanted to try something new. She switched from programming to security and after working at Microsoft as a presenter, she eventually found that she wanted to start her own company, saying "at first it was just me presenting, but now we have community members present to each other and it's just been really beautiful to see that grow." She hopes that with her and her community's help, nobody is left feeling unsafe when it comes to being online.
Tanya Janca, CEO and Founder of We Hack Purple, sits down to talk about her exciting path into the field of cybersecurity. Trying several different paths in high school, she soon found she was good at computer science. When it came to picking a college, she knew that was the field she wanted to get into. After college, she was able to use her skills to work at a couple of different organizations, eventually getting into the Canadian government. While there, she held the position of CISO for the Canadian election in 2015 when Justin Trudeau was elected, but she knew she wanted to try something new. She switched from programming to security and after working at Microsoft as a presenter, she eventually found that she wanted to start her own company, saying "at first it was just me presenting, but now we have community members present to each other and it's just been really beautiful to see that grow." She hopes that with her and her community's help, nobody is left feeling unsafe when it comes to being online. Learn more about your ad choices. Visit megaphone.fm/adchoices
We Hack Purple Podcast Episode 67 with Jeremy VenturaIn this episode of the We Hack Purple podcast host Tanya Janca met with Jeremy Ventura of ThreatX, to discuss how we can help more people from underrepresented groups into tech and specifically into the field of Cybersecurity / InfoSec. How do we get them a seat at the table? How can we share knowledge and educate people en mass? Can we advocate for others? (Spoiler alert: Jeremy and I gave several examples of both sides of that equation) We talked about “Saying yes more often!” when we are asked to do something a bit outside our comfort zone, if it might bring us new opportunities. We talked about imposter syndrome, different learning styles, and that you can come from any career, education or background, and there's a place for YOU in our field!Jeremy also shared some links and events too!ThreatX Cyber 101 Event! March 23, 2023The ThreatX blogJeremy's LinkedIn#CyberMentoringMondayEXploring Cyber Security - web cast Date unknown - early MarchArticle about #CyberMentoringMonday, read here: Article about mentoring and advocacyJeremy's Bio:Jeremy Ventura is a cybersecurity professional, specializing in advising organizations on information security best practices. He has years of experience in vulnerability management, email security, incident response and security center operations. At ThreatX, he is responsible for the development and presentation of thought leadership across all areas of cybersecurity. Ventura is an industry leader that can regularly be seen in media, blog posts, podcasts and at speaking events. Previously, Ventura worked at Gong, Mimecast, Tenable and IBM, among other security organizations. Ventura holds a Master's Degree in Cybersecurity and Homeland Security.Very special thanks to our sponsor: The Diana Initiative!The Diana Initiative Is: A diversity-driven conference committed to helping all underrepresented people in Information Security. This year the theme is “Lead the Change.”The Diana Initiative is seeking sponsors for their annual event happening Monday August 7, 2023 in Las Vegas - https://www.dianainitiative.org/sponsor/ for more informationThe Diana Initiative Call For Presentations opens on March 1, if you have a topic you want to share submit at tdi. https://tdi.mobi/CFPJoin We Hack Purple!Check out our brand new courses in We Hack Purple Academy. Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find us, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more!
In this incredible episode, The OSINTion and WeHackPurple team up to explore the fascinating world of Information Security. Joe Gray of The OSINTion and Tanya Janca of We Hack Purple will dive deep into topics such as Application Security (AppSec) and Open Source Intelligence (OSINT). They will also share stories of their experiences at conferences and discuss organizations that help women and people from underrepresented groups break into the Information Security industry. Don't miss out on hearing Tanya's incredible OSINT story that blows Joe's mind! Joe and Tanya may have something super exciting to reveal to the world as well ;-) Other streaming platforms: Twitch: https://www.twitch.tv/theosintion YouTube: https://www.youtube.com/@theosintion9198 Live Courses: https://www.theosintion.com/courses Discord: https://osint.mobi/discord Links to Women and Underrepresented People Groups in Information Security: Women's Society of Cyber Jutsu: https://womenscyberjutsu.org/ WoSEC: https://www.womenofsecurity.com/ WISP: https://www.wisporg.com/ WyCyS: https://www.wicys.org/ Links to Women and Underrepresented People Conferences in Information Security: The Diana Initiative: https://www.dianainitiative.org/ Day of SHEcurity: https://www.dayofshecurity.com/ QueerCon: https://twitter.com/queercon?lang=en Contacting Tanya: Twitter: https://twitter.com/shehackspurple LinkedIn: https://www.linkedin.com/in/tanya-janca/ TikTok: https://www.tiktok.com/@shehackspurple YouTube: https://www.youtube.com/shehackspurple Contacting We Hack Purple: Web: https://wehackpurple.com/ Twitter: https://twitter.com/wehackpurple LinkedIn: https://www.linkedin.com/company/wehackpurple/ YouTube: https://www.youtube.com/wehackpurple Community: https://community.wehackpurple.com/ Academy: https://academy.wehackpurple.com/ --- Send in a voice message: https://podcasters.spotify.com/pod/show/the-osintion/message Support this podcast: https://podcasters.spotify.com/pod/show/the-osintion/support
In this episode of the We Hack Purple podcast host Tanya Janca met with Anant Shrivastava! We talked about securing the entire software supply chain (including your CI/CD and where you get your packages from), and how it is more than just buying a software composition analysis (SCA) tool. He explained the new and very different risks of securing a mobile app versus a regular web app or an API, that's he's more of an ops than a dev person, and how the risks are all coming together now that many of us are doing DevOps. He shared his numerous open source projects, such as: Code vigilant: https://codevigilant.com/, TamerPlatform : https://tamerplatform.com/ and HackingArchivesOfIndia https://hackingarchivesofindia.com/. Anant's Bio:Anant Shrivastava is an experienced information security professional with over 15 years of corporate experience. He has expertise in Network, Mobile, Application and Linux Security. He is the founder of Cyfinoid Research, a cyber security research firm and has previously served as Technical Director at NotSoSecure Global Services, a boutique cyber security consultancy. He is a frequent speaker and trainer at international conferences such as BlackHat, Nullcon, and c0c0n. Additionally, Anant leads the open source projects Tamer Platform and CodeVigilant and maintains the Hacking Archives of India. He also participates in open communities targeted towards spreading information security knowledge such as null (null.community). His work can be found at anantshri.info and his blog is here https://blog.anantshri.info/!Very special thanks to our sponsor: The Diana Initiative!The Diana Initiative is seeking sponsors for their annual event happening Monday August 7, 2023 in Las Vegas - https://www.dianainitiative.org/sponsor/ for more informationThe Diana Initiative Call For Presentations opens on March 1, if you have a topic you want to share submit at tdi.The Diana Initiative Is: A diversity-driven conference committed to helping all underrepresented people in Information Security. This year the theme is “Lead the Change.” You can submit to be a speaker at tdi . mobi / CFP or if your company would like to support the event by sponsoring check out https://www.dianainitiative.org/sponsor/Join We Hack Purple!Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find us, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more!
In this episode of the We Hack Purple podcast host Tanya Janca met with Frank from Phoenix Security in the UK! We talked about this latest white paper ‘SLAs are Dead, Long Live SLAs!', how AppSec folks aren't necessarily ‘great' at maintaining their own SLAs, and how to empower a team to do their own governance and be responsible for their own risk. We talked about how to figure out the security maturity model you are looking for, and what kind of language we can use to help a client decide it for themselves. We also talked about how to get several industry experts to work on the same document together: spoiler alert, it's hard! Listen to hear more!The White Paper: SLAs are Dead, Long Live SLAs! Data Driven Vulnerability ManagementFrank's Podcast: Cyber Security and Cloud PodcastSeveral MORE White Papers from Phoenix Security:Priority: https://phoenix.security/whitepapers-resources/vulnerability-management-in-application-cloud-security/ Vulnerability management and regulation: https://phoenix.security/whitepapers-resources/whitepaper-vulnerability-management-in-application-cloud-security/ Upcoming Webinars with Frank!16/02 - 4m GMT - Brooks Shoenfield - SLA, application security and data driven programs : https://youtube.com/live/dfANH8WKavY?feature=share22/2 - 5 PM GMT - Chris Romeo - Data Driven Application security programs, how to measure maturity and scale : https://youtube.com/live/wqlC-cClqYE?feature=shareFrank's Bio:Francesco is a seasoned entrepreneur, CEO of the Application Security Risk based posture management Appsec Phoenix, author of several books, host of multi award Cyber Security & Cloud Podcast, speaker and known in the in the cybersecurity industry and recognized for his visionary views. He currently serves as Chapter Chair UK&I of the Cloud Security Alliance. Previously, Francesco headed the application and cloud security at HSBC and was Senior Security Consultant at AWS. Francesco has been keynoting at global conferences, have authored and co-authored of a number of books. Outside of work, you can find me running marathons, snowboarding on the Italian slopes, and enjoying single malt whiskeys in one of my favourite London clubs. Very special thanks to our sponsor: Phoenix Security!Phoenix Security ingests data from any security tool, cloud, or code, correlates vulnerabilities, contextualizes, prioritizes and translates into risk. Phoenix Algorithm selects the subset of vulnerabilities more likely to get exploited in the next 30 days, delivering them to the engineers' backlog. From Code to cloud contextualize, Prioritize enables security engineers to act on the risk that matters most without burning out. Join We Hack Purple!Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find We Hack Purple Podcast, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more!
In this episode of the We Hack Purple podcast host Tanya Janca met with her colleague from IANs Faculty: Mick Douglas, founder of InfoSec Innovations! We talked about EVERYTHING AppSec and definitely could haveeasily talked at least 2 more hours! He explained what honey pots/honey files/honey links are, and how to use them. Creating a "tamper evident" network and system, as well as how marketing people have really messed up the term "shift left" for the rest of us. Not only that, but the episode had TONS of laughs! Mick's Bio:Mick Douglas has over 10 years of experience in information security and is currently the Managing Partner for InfoSec Innovations. He specializes in PowerShell, Unix, Data Visualization, Hardware, and Radio Hacking and teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC555: SIEM with Tactical Very special thanks to our sponsor: Luta Security!Luta Security is the global leader in transforming how governments and organizations work with friendly hackers to bolster their security. LutaSecurity can manage end-to-end vulnerability disclosure and bug bounty programs or train your existing staff to maximize your security investment. Visit LutaSecurity.com/services to get started today!Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find us, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more!#appsec #wehackpurple #shehackspurple
In this episode I had the pleasure of speaking with Tanya Janca, Application Security Guru and the founder of We Hack Purple & She Hack Purple. She is awesome the author of Alice & Bob Learn Application Security. We had a fantastic conversation and I hope you enjoy it, if you do then please leave a review and share the podcast!Tanya's Links:LinkedIn: https://www.linkedin.com/in/tanya-janca/Website: https://wehackpurple.com/Book: https://tinyurl.com/4ywpcpfxTwitter: https://twitter.com/shehackspurpleManufacturing MattersInsights and interviews discussing trends, innovations, and advanced automation technologyListen on: Apple Podcasts SpotifySupport the showFollow the Podcast on Social Media!Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcastPatreon: https://www.patreon.com/SecurityUnfilteredPodcastTikTok: Not today China! Not today
In this episode, I was joined by Tanya Janca to chat about Application Security (or AppSec for short!). We chatted about various topics - from security topics and training, to her book and online community, to public speaking!Tanya is the founder and CEO at We Hack Purple, which is an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. She's also the Director of Developer Relations at Bright, and best-selling author of the book Alice and Bob Learn Application Security.For a full list of show notes, or to add comments - please see the website here
Application security maven Tanya Janca – AKA SheHacksPurple – is an accomplished author, pentester and onetime music festival organizer. But she's perhaps best known as the founder of We Hack Purple, a community of security professionals dedicated to sharing useful cyber information including coding trainings and coursework. (Dynamic application security testing Bright Security acquired We Hack Purple earlier this year, bringing its own approach to the “shift left” dilemma of moving cybersecurity earlier in the software development cycle.)Tanya has spent much of her career in cybersecurity and IT empowering others to strengthen their own skills. With We Hack Purple, she built a community from the ground up, and she's organized plenty of security talks and capture-the-flag tournaments along the way. Computer science can be a nebulous, wide-ranging field – Tanya has further helped people zero in on what they should focus on learning in the wide world of cybersecurity. -------Tune into the episode to hear more on: * The story behind Tanya's bestselling book, “Alice and Bob Learn Application Security” * The qualities that make a good pentester: “You have to be very determined and detail oriented,” as Tanya put it* #cybermentoringmonday and the value of professional mentorship -------Links: * https://wehackpurple.com/* https://brightsec.com/* https://www.synack.com/* https://readme.security/
Tanya Janca the Director of Developer Relations of Bright explains if developers care about security? Get more info at https://SheHacksPurple.ca, https://WeHackPurple.com/, & https://BrightSec.com/
In this episode of Security Masterminds, Tanya Janca shares her insights on application security, OWASP, and her community, "We Hack Purple." "I would say software developers are more interested in security than they ever have been before they're being pushed that way, but I think a lot of them are just becoming interested in it."Tanya Janca is the director of Developer Relations at Bright Security and founder of the We Hacks Purple community. She is a software developer with over 20 years of experience and is the author of the book Alice and Bob Learn Application Security.In this episode, you will learn: Tanya Janca's experience as a software developer, musician, and pentester The importance of networks and community in cybersecurity The shift towards increased security awareness among software developersAbout Tanya JancaWebsite: https://shehackspurple.ca/ Social Media: https://twitter.com/shehackspurpleBright Security - https://brightsec.com/vulnerabilitiesCyber Mentoring Monday - https://twitter.com/hashtag/CyberMentoringMondayWe Hack Purple Academy (on Brightsec) https://community.wehackpurple.comAlice & Bob Learn Series - AliceAndBobLearn.com LinkedIn: https://www.linkedin.com/in/tanya-jancaEmail: tanya.janca@brightsec.comShow Notes:OWASP - https://owasp.org/Sherif Koussa - https://www.linkedin.com/in/sherifkoussa/Katie Moussoouris, Luta Security - https://www.linkedin.com/in/kmoussouris/ASVS - https://owasp.org/www-project-application-security-verification-standard/KnowBe4 ResourcesKnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/
2B Bolder Podcast : Career Insights for the Next Generation of Women in Business & Tech
In episode #67 of the 2B Bolder podcast Tanya Janca, Director of Developer Relations & Community at Bright Security, also known as SheHacksPurple is our featured woman in tech. Tanya is the best-selling author of Alice and Bob Learn Application Security. She is also the founder of We Hack Purple, an online learning academy, community, and podcast that teaches everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings worldwide. Tanya values diversity, inclusion, and kindness and is always looking for ways to open doors for others. Meeting Tanya and learning about today's various security roles was educational and a delight. Tune in to hear how her passions have led her to a fulfilling career. Connect with Tanya Janca on LinkedIn Advisor: Nord VPN, Cloud Defense, NeuraLegion, ICTC PACFounder: We Hack Purple, OWASP DevSlop, #CyberMentoringMonday, WoSECThe 2B Bolder Podcast provides first-hand access to some amazing women. Guests will include women from leading enterprise companies to startups, women execs, coders, account execs, engineers, doctors, and innovators.Listen to 2B Bolder for more career insights from women in tech and business. Support the show
Tanja's story started in a computer science family in the 70s, where Tanja fell in love with computers. She spoke about programming in high school, coming out of college during the DotCom bubble, and learning best practices of software engineering she had never learned during her early self-studies. We then spoke about the role communities, and lunch&learn activities played in her career. She described how penetration testing and security slowly made their way into her life. Tanja explained how she discovered the OWASP community and embraced public speaking. And finally, we spoke about creating We Hack Purple, the effects of learning cybersecurity when you are a developer, and much more.Here are the links from the show:https://www.twitter.com/shehackspurple/https://shehackspurple.ca/https://newsletter.shehackspurple.cahttps://wehackpurple.comhttps://aliceandboblearn.com/https://www.linkedin.com/in/tanya-janca/https://zerodayreapers.bandcamp.com/track/heartbleedhttps://www.facebook.com/tanya.janca/ CreditsCover Heliotrope by Blue Dot Sessions is licensed CC BY-NC-ND 4.0.Your host is Timothée (Tim) Bourguignon, more about him at timbourguignon.fr.Gift the podcast a rating on one of the significant platforms https://devjourney.info/subscribeSupport the show
This episode is sponsored in part by ZOOM Platform. No, not the video conferencing app ZOOM Platform! The premier DRM-Free games portal. Remember: you can also always follow the show on Twitter @dotnetcoreshow, and the shows host on Twitter @podcasterJay or visit our Contact page. Welcome to season 5 of the award-winning .NET Core Podcast! Check that link for proof. Hello everyone and welcome to The .NET Core Podcast is a podcast where we reach into the core of the .NET technology stack and, with the help of the .NET community, present you with the information that you need in order to grok the many moving parts of one of the biggest cross-platform, multi-application frameworks on the planet. I am your host, Jamie "GaProgMan" Taylor. In this episode, I talked with Tanya Janca about application security (sometimes called appsec), We Hack Purple which is a community of people who want to help make all applications more secure, the free courses that We Hack Purple are providing, and we swap stories of working to make applications more secure. Along the way, we discuss Tanya's new book, OWASP, recommended security headers for HTTP (and most importantly Content-Security Policy), and how important they can be when the spam really hits the fan. Tanya has actually been on the podcast in the past, back on episode 77 when we talked about her book Alice and Bob Learn Application Security. Interestingly, Tanya has a whole new book planned, which she'll be working on when this episode drops. The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at https://dotnetcore.show/episode-105-more-app-security-with-tanya-janca Useful Links from the episode: Tanya on Twitter We Hack Purple Community We Hack Purple Podcast OWASP OWASP's global chapters Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinions of the show, so please do get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast
Tanya Janca, also known as @SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives. https://wehackpurple.com BrakeSec is: Amanda Berlin @infosystir Brian Boettcher @boettcherpwned Bryan Brake @bryanbrake www.brakeingsecurity.com https://twitch.tv/brakesec
Tanya Janca, also known as @SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives. https://shehackspurple.ca/ BrakeSec is: Amanda Berlin @infosystir Brian Boettcher @boettcherpwned Bryan Brake @bryanbrake www.brakeingsecurity.com
Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech. She values diversity, inclusion, and kindness. LinkedIn: https://www.linkedin.com/in/tanya-janca/ Jobs in InfoSec: https://shehackspurple.ca/2022/01/01/jobs-in-information-security-infosec/ We Hack Purple Community: https://community.wehackpurple.com/ #CyberMentoringMonday: https://twitter.com/search?q=%23CyberMentoringMonday&src=typed_query&f=live
In this episode of the We Hack Purple Podcast we meet James Tabron the director of Engineering at Twilio! James switched from security to engineering recently, and wanted to share how startups and large companies can both start their SOC2 compliance programs. He shed a lot of light on where to start, common challenges, how much value can be gained from SOC two, and even how to automate the process. He also confirmed our on-going assumptions that good soft skills and specifically empathy were the most important things to look for when hiring someone to run an effective compliance program. Tune in to learn more!Thank you so much to our sponsor, Bright Security! Check out their amazing #DAST! Join us in the We Hack Purple Community!A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter!Find us on Apple Podcast, Overcast + Pod #TanyaJanca #SheHacksPurple #DevOps #CyberSecurity #DAST #BrightSec #DevSecOps #AppSec
In today's episode Marc and Karl are joined by Tanya Janca, best-selling author of Alice and Bob Learn Application Security, to talk about what it is like being a woman in cybersecurity, the origin story of We Hack Purple, and how important it is to be integrated and invested in the cybersecurity community. You can check out We Hack Purple here : https://wehackpurple.com/ and you can find her book Alice and Bob Learn Application Security here : https://www.amazon.com/Alice-Bob-Learn-Application-Security/dp/1119687357
In the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw272
This week, in our first segment, we welcome Prashasth Baliga, Senior Security Consultant at Palo Alto Networks to talk about Security Orchestration and Automation Simplified! Then, Ryan Fried, Senior Security Engineer at Brooks Running, joins for an interview about Getting Value from SOAR beyond Phishing Workflows! Finally, in the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw272
This week, in our first segment, we welcome Prashasth Baliga, Senior Security Consultant at Palo Alto Networks to talk about Security Orchestration and Automation Simplified! Then, Ryan Fried, Senior Security Engineer at Brooks Running, joins for an interview about Getting Value from SOAR beyond Phishing Workflows! Finally, in the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw272
In the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw272
Today's Day Two Cloud gets into application security and working with developers to make sure code is sanitized and tested. Writing secure code at the outset can dramatically reduce risk and help simplify operations and security. Our guest is Tanya Janca, founder of We Hack Purple. We Hack Purple offers free training courses for people who want to get into security.
Today's Day Two Cloud gets into application security and working with developers to make sure code is sanitized and tested. Writing secure code at the outset can dramatically reduce risk and help simplify operations and security. Our guest is Tanya Janca, founder of We Hack Purple. We Hack Purple offers free training courses for people who want to get into security. The post Day Two Cloud 143: Application Security Isn’t Just For Developers appeared first on Packet Pushers.
Today's Day Two Cloud gets into application security and working with developers to make sure code is sanitized and tested. Writing secure code at the outset can dramatically reduce risk and help simplify operations and security. Our guest is Tanya Janca, founder of We Hack Purple. We Hack Purple offers free training courses for people who want to get into security.
Today's Day Two Cloud gets into application security and working with developers to make sure code is sanitized and tested. Writing secure code at the outset can dramatically reduce risk and help simplify operations and security. Our guest is Tanya Janca, founder of We Hack Purple. We Hack Purple offers free training courses for people who want to get into security. The post Day Two Cloud 143: Application Security Isn’t Just For Developers appeared first on Packet Pushers.
I had a great opprtunity to speak to Tanya Janca. Such a great human being! We talked about a lot of criticcal topics when it comes to the state of the industry and also her big news!
Today's Day Two Cloud gets into application security and working with developers to make sure code is sanitized and tested. Writing secure code at the outset can dramatically reduce risk and help simplify operations and security. Our guest is Tanya Janca, founder of We Hack Purple. We Hack Purple offers free training courses for people who want to get into security.
Today's Day Two Cloud gets into application security and working with developers to make sure code is sanitized and tested. Writing secure code at the outset can dramatically reduce risk and help simplify operations and security. Our guest is Tanya Janca, founder of We Hack Purple. We Hack Purple offers free training courses for people who want to get into security. The post Day Two Cloud 143: Application Security Isn’t Just For Developers appeared first on Packet Pushers.
If you are interested in improving diversity in security, this is the episode for you! Over the years we have had some very wise guests come on this show and share their views on diversity, why it matters, and how it can be improved. In this episode, we bring you a collection of insights, techniques, and approaches that may help you on this front. Tuning in, you'll hear how Nitzan Blouin from Spotify built a team that is 75% female, information about Tad Whitaker's Day of ‘Shecurity' and the innovative way he trains women for jobs in security, as well as insight into the internship program at Snyk and how it improved diversity. We also hear some great tips from Vandana Verma from Snyk, Tanya Janca from We Hack Purple, and Rinki Sethi from Twitter. Tune in for all this and more!
All things AppSec and Purple Teaming with Tanya Janca, founder of the We Hack Purple community platform. --- Send in a voice message: https://anchor.fm/cyberspeakslive/message
Jeff Williams from Contrast Security takes our questions about their new Serverless Scanning Tool and gives a demo to show just how easy it is. Video demo can be found here: https://youtu.be/R4NkfbNw5YsLearn more here: https://www.contrastsecurity.com/contrast-serverless-application-security Join our online community here: community.wehackpurple.com Our online courses in #AppSec and Secure Coding: academy.wehackpurple.com
All too often, the AppSec team or security team is a person of one. How can you add more people to the team with out a massive increase to the budget?Persuasion!This talk was given at SecTor (Toronto) Nov 2021. Scaling your Team is part of our Application Security Program at Academy.WeHackPurple.Com
AppSec Stats Flash: A Monthly Podcast on the State of Application Security
The Alice and Bob characters were invented by Ron Rivest, Adi Shamir, and Leonard Adleman in their 1978 paper "A Method for Obtaining Digital Signatures and Public-key Cryptosystems". Alice and Bob were also joined by an additional cast of characters as needed to keep the explanation of cryptographic systems lively and relatable. The famous Cryptographic couple have now ventured into Application Security. In her book, "Alice and Bob Learn Application Security", my guest today Tanya Janca, has done a fantastic job of discussing 10 topics across 3 sections to address the subject of AppSec. Tune in to the podcast as we discuss the practitioner aspects of being a security minded developer.Special Guest: Tanya Janca, CEO and Founder of We Hack PurpleTanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives.community.wehackpurple.comacademy.wehackpurple.comaliceandboblearn.comChecklists:Secure Design Conceptshttps://newsletter.wehackpurple.com/foundational-security-conceptsPCI-DSS for Devs!https://newsletter.wehackpurple.com/pci-dss-for-devsAPI Security Best Practiceshttps://newsletter.wehackpurple.com/api-securityApplication Security Activitieshttps://newsletter.wehackpurple.com/appsec-activitiesAzure Hardening Best Practicehttps://newsletter.wehackpurple.com/azure-hardeningError Handling and Logginghttps://newsletter.wehackpurple.com/errors-and-loggingSecure Coding Guidelineshttps://newsletter.wehackpurple.com/secure-coding-guidelinesTips For Getting Into InfoSechttps://newsletter.wehackpurple.com/getting-into-infosecWeb App Security Requirementshttps://newsletter.wehackpurple.com/web-app-security-requirementsMore Links!Check out other episodes of Security in the Fast Lane: https://www.whitehatsec.com/security-in-the-fastlane/Check out our other podcast, AppSec Stats Flash: https://www.whitehatsec.com/appsec-stats-flash/To learn more about NTT Application Security, visit us at www.whitehatsec.com
Picture this: you're working on a new software that will revolutionize your industry. You've got your work cut out for you, from design to programming to integration. But what about security? Keeping your software secure should be in the conversation from day one, but not all developers are well-versed in application security. The good news is that you're not alone, and even if this picture that we've painted isn't of you, there are still very accessible ways to learn about application security and information security. One of these ways is We Hack Purple, created by a Microsoft alumnus. In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the founder of We Hack Purple and former Microsoft Senior Cloud Advocate, Tanya Janca, to discuss her company, trainings, and why it's so important to keep up with the newest movements in the world of security. Before founding her company, Tanya found herself red-teaming and blue-teaming, and declared herself in the world of Purple. She brings us into that world, breaks down app-sec framework, and even gives a few sci-fi book recommendations. In This Episode You Will Learn: How to keep up with new practices for security professionals The frame work for application security How to work with and communicate effectively with software developers Some Questions We Ask: How do we bridge the gap between developers and the security world? What are the pros and cons of threat modeling? Who should get involved in application security? Resources: We Hack Purple View Tanya on LinkedIn View Natalia on LinkedIn View Nic on LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives. In this episode…. Tanya Janca comes from a family of mathematically-minded and computer-literate people. Her father was a technologist, her mother a mathematician chemist, and two aunts and three uncles were computer scientists. In many ways she was born into what she does. We Hack Purple is Tanya's company where she lives her passion for cyber security, teaching, and bringing developers together. Tanya is also an accomplished musician, she plays guitar, drums, and sings, and has been part of several bands. She hosts two podcasts, one of which features extensive exploration of every chapter in her book ‘Alice and Bob Learn Application Security'. She is an engaging, brilliant, and very personable teacher. In this episode of What CEOs Talk About, host Martin Hunter and Tanya Janca discuss how she got into cyber security and founded We Hack Purple. They discuss Tanya's journey through being a software developer, working for Microsoft, and failing at the very first company she founded. They also explore sexism in the industry, how best to teach security to developers, and Tanya's plans for Alice and Bob.
Host Tanya Janca learns what it's like to do Cybersecurity Product testing and reviews at Security Weekly Labs with guest Adrian Sanabria! Thank you to our sponsor Checkmarx! https://www.checkmarx.com/ Buy Tanya's new book on Application Security: Alice and Bob learn Application Security Don't forget to check out We Hack Purple Academy's NEW courses, Join our Cyber Security community: https://community.wehackpurple.com/ A safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter here: https://newsletter.wehackpurple.com/ Find us on Apple Podcast, Overcast + Pod
Join us for a Season 3 kickoff Episode, This season we are switching gears from SASE and doing a deep dive in Application Security. We truly believe that Application security is one of the most overlooked domains in cybersecurity. Recent supply chain attacks are great examples of why we decided to bring awareness to the subject. You can learn more about how to maximize the value you get from the various solutions by listening to the kickoff episode regardless if you are a big company or a smaller one We already recorded several great vendors such as Neuralegion Snyk.io Clouddefense.ai, Garantir.io and looking to record several more great vendors We are honored to have Tanya Janca, also known as SheHacksPurple, is the best-selling author of Alice and Bob Learn Application Security. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). Video episode Kickoff (security-architecture.org) Please subscribe to our podcast and follow our work on Linkedin: https://www.linkedin.com/company/secarchpodcast More about Tanya: https://www.linkedin.com/in/tanya-janca/ To promote our work and support the podcast, please review us here: https://www.podchaser.com/podcasts/security-architecture-podcast-1313281
Host Tanya Janca learns what it's like to found and run a small business (Zimana Analytics) focused on data analytics, with guest Pierre DeBois! Thank you to our sponsor Checkmarx! https://www.checkmarx.com/ Buy Tanya's new book on Application Security: Alice and Bob learn Application Security Don't forget to check out We Hack Purple Academy's NEW courses, Join our Cyber Security community: https://community.wehackpurple.com/ A safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter here: https://newsletter.wehackpurple.com/ Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be a physical penetration tester, with guest Deviant Ollam. Famous for hacking banks, elevators and basically any physical security device, he will share how he got to where he is today! Check out his Twitter while you're at it! Thank you to our sponsor 10SecurityNEW Secure coding Course here!Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns from Sunny Wear about penetration testing with a live demonstration! Sunny shows off her custom app, Burp Tool Buddy, which shows you how to use and configure burp suite Pro. And it's a STEAL at $4.99!! https://twitter.com/SunnyWear Thank you to our sponsor 10SecurityNEW Secure coding Course here!Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca meets Ron Brash. He is a well-known technical expert in the ICS community, with a long-standing history in oil and gas from a young age, but also by engaging in difficult-to-solve industry solution development questions. Today, he has a Master's degree in Computer Science, a Bachelor's in Technology, over a decade of experience with industrial networks and technologies, embedded systems, systems design, risk advisory, and in several different domains ranging from aviation, energy, gas & more. Currently, he is a director at Verve Industrial Protection where his role as Director of Cybersecurity Insights includes product ownership, risk analysis, vulnerability research, reverse engineering, and facilitating relationships in IT & OT divisions of organizations. Check out his Twitter! Thank you to our sponsor 10SecurityNEW Secure coding Course here!Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be an offensive Engineer at @zoom, as well as a PluralSight author & mentor. Maril Vernon is always helping peeps break into cybersecurity. https://twitter.com/shewhohacks Thank you to our sponsor 10SecurityNEW Secure coding Course here!Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Although taken a year ago, this is still one of my favorite interviews. Not to mention it was my first non-written interview – hence the confusion and a questionable mic quality – but talking to Tanya was great!Tanya Janca is a super kind person bringing a security focus to DevOps movement. After working for the government and Microsoft, Tanya is now focused on consulting and education. I talked with Tanya about security in the cloud and how does one go about making teams more sensible to security issues.PS. A lot has changed in one year – Tanya's business evolved and now you can find her at We Hack Purple.Subscribe to 0800-DEVOPS newsletter here.Show notes:This interview is featured in 0800-DEVOPS #26 - Product Management and application security with Tanya Janca.
Host Tanya Janca meets Leif Dreizler who manages the Product Security team at Segment. The ProdSec Team is focused on partnering with software engineering teams to design and implement security features for the Segment product. Leif got his start in the security industry at Redspin doing security consulting work and was later an early employee at Bugcrowd. He helps organize the Bay Area OWASP Chapter, the AppSec California Conference and LocoMocoSec. Thank you to our sponsor 10SecurityBuy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Today's guest is Tanya Janca (@shehackspurple), founder and CEO of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. She's also the best selling author of 'Alice and Bob Learn Application Security'.We chat about Tanya's career journey and the various hats she's collected (there are many!) - as well as being a founder and CEO, she's been a pentester, a CISO, an AppSec Engineer, and software developer. She's worked in startups to public service, including being the CISO for the Canadian elections when Justin Trudeau was elected, to working in tech giants.Tanya has a really interesting perspective on many issues in cybersecurity, as you'll see in this chat. From why application security needs to be given more of a spotlight, to the issue of representation, working closely with devs, and seeking a fundamental change in the way we educate people in the industry.Before that, Ben leads our intro topic. He discusses the influence his father had on him and his security career, which prompts Hazel and Sana to look back at their own lives and talk about their greatest influencers.Plus, we discuss the new proposal from Talos and the Cyber Threat Alliance to truly tackle the global ransomware threat. If you can, please take a few minutes to read Neil Jenkins and Matt Olney's op ed piece on this, which is available on the Talos blog.Time stamps:01:46 - 15:33 Intro topic - Influencing figures, led by Ben15:34 - 32:51 Tanya Janca interview, part 132:52 - 38:49 Ransomware recommendations discussion38:50 - 60:00 Tanya Janca interview, part 260:01 - 66:56 Closing thoughts and outro
Host Tanya Janca talks with guest Jessica Dodson to learn what it's like to be a Customer Engineer (CE) in Security & Identity Modernization @ Microsoft. You can learn more about Jess here: https://girl-germs.com/ or follow her on Twitter. https://linktr.ee/girlgerms https://www.linkedin.com/in/jrdodson/ https://twitter.com/girlgerms Thank you to our sponsor #10Security! https://www.10security.com/ Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be a BISO (Business Information Security Officer)! Alyssa Miller has had a very exciting career, and has a LOT to share with us on how to climb the career ladder in Cyber! https://twitter.com/AlyssaM_InfoSec Thank you to our sponsor Thread Fix! Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be a PhD, S-CISO, CISSP, AND the Head of Cyber Risk Consulting at Marsh Singapore! She's also a leader for WoSEC Singapore, has run many security events such as CTFs for girls and women, and so, so much more. Join us to listen in! https://twitter.com/m49D4ch3lly Thank you to our sponsor Thread Fix! Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be the executive Vice President at F5, with Haiyan Song! She has had a very long career in security and Tanya is looking forward to delving into Haiyan's career path, and tips she has to share! https://twitter.com/SplunkHaiyan Thank you to our sponsor Thread Fix! Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don't forget to check out We Hack Purple Academy's NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
With our guest being unable to make it, host Tanya Janca gave a lesson on API security best practices. She also shared a twitter link with a list of API security testing tools, as well as a downloadable PDF about the best practices discussed.Thank you to our sponsor Thread Fix! Buy Tanya's new book on Application Security: Alice and Bob Learn Application Security. Don’t forget to check out We Hack Purple Academy’s NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be a Open Source Intelligence Analyst, with Ritu Gill, AKA OSINT Techniques! https://twitter.com/OSINTtechniques Thank you to our sponsor Thread Fix! Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don’t forget to check out We Hack Purple Academy’s NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be a Chief Product Officer (CPO) of a DevSecOps Product startup, with Abhi Arora! His startup is called Cloud Defense.Thank you to our sponsor Thread Fix! Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don’t forget to check out We Hack Purple's Academy and Community! A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter while you're at it! Sponsorship info: info@wehackpurple.com Find us on Apple Podcast, Overcast + Pod
Host Tanya Janca learns what it's like to be the CEO of Zag Communications, with Zenobia Godschalk! Zenobia is the founder and CEO of ZAG Communications, a digital marketing, PR, and IR firm that has launched and scaled global, multi-billion dollar enterprise tech companies, focused on cybersecurity. https://twitter.com/zenobiaZAG Thank you to our sponsor Thread Fix! Buy Tanya's new book on Application Security: Alice and Bob learn Application Security. Don’t forget to check out We Hack Purple Academy’s NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . Find us on Apple Podcast, Overcast + Pod
After a scheduling snafu with our guest, host Tanya Janca decided to do a deep dive on WordPress security best practices, and how she performed a security assessment on the brand-new We Hack Purple website. Plus (of course) a sneak-peak at the site! Check it out! Thank you to our sponsor Thread Fix! Buy Tanya's new book on #ApplicationSecurity: Alice and Bob learn Application Security. Don’t forget to check out #WeHackPurple Academy’s NEW courses, #AppSec Foundations taught by Tanya Janca! https://academy.wehackpurple.com/Join our Cyber Security community: https://community.wehackpurple.com/A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter! Sponsorship info: info@wehackpurple.com . #TanyaJanca #SheHacksPurple #DevSecOps #CyberTraining Find us on Apple Podcast, Overcast + Pod
What is AppSec, DevOps and DevSecOps? In this episode we discuss why defenders should know more about these terms and what the consequences are of ignoring these new and critical fields.Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.Advisor: Nord VPN, Cloud Defense, NeuraLegion, ICTC PAC, WoSECFounder: We Hack Purple, WoSEC International (Women of Security), OWASP DevSlop, #CyberMentoringMondaySupport for the Blueprint podcast comes from the SANS Institute.Check out the constantly growing list of available courses at sansurl.com/blueteamopsFollow SANS Cyber Defense: Twitter | LinkedIn | YouTubeFollow John Hubbard: Twitter | LinkedIn
Tanya Janca walks us through how her need for community inspired her to develop one of her own.Join us for an inclusive conversation on how to navigate a male-dominated field and how to create your own success.Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software.Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents.GuestTanya Janca, Founder: We Hack Purple (Academy, Community and Podcast), WoSEC International (Women of Security), OWASP DevSlop, OWASP Victoria, #CyberMentoringMonday (@shehackspurple on Twitter)HostsJaclyn (Jax) Scott | Erika McDuffie | Jon HelmusThis Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsResourcesLinks for Tanya Janca:https://shehackspurple.cahttps://www.youtube.com/shehackspurplehttps://dev.to/shehackspurplehttps://medium.com/@shehackspurplehttps://www.twitch.tv/shehackspurplehttps://github.com/shehackspurple/https://www.slideshare.net/TanyaJanca/Links for We Hack Purple:https://wehackpurple.comhttps://twitter.com/wehackpurplehttps://www.youtube.com/wehackpurplehttps://linkedin.com/company/wehackpurpleAlice and Bob Learn Application Security: https://www.amazon.com/dp/1119687357/For more podcast stories from Hackerz And Haecksen with Jaclyn (Jax) Scott, Erika McDuffie, and Jon Helmus, visit: https://www.itspmagazine.com/hackerz-and-haecksen-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships
Here in Episode 9, I speak with Tanya Janca, also known as SheHacksPurple. Tanya is the best-selling author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. In this conversation, Tanya explains how she worked out early on that software developers were her tribe, and how speaking publicly led to further opportunities, first in-house and then as her own boss. The power of community and generosity of people is a theme that runs throughout this episode, and one that is music to my ears, in the spirit of abundance. Tanya goes on to explain how there is a long way to go before secure software development gets sufficient recognition and presence academically, and how she is aiming to drive this change. Her best advice is to make sure there is a market for whatever it is you want to offer. Enjoy!
In this show Steve speaks with application security specialist and educator Tanya Janca to talk about her new book "Alice and Bob Learn Application Security",as well as the struggles to educate developers about secure development, creating a positive and inclusive community and a slice of just about everything else.The Book!https://www.amazon.com/Alice-Bob-Learn-Application-Security/dp/1119687357https://www.wiley.com/en-us/Alice+and+Bob+Learn+Application+Security-p-9781119687351Who are Allison and Bobhttps://en.wikipedia.org/wiki/Alice_and_BobTanya gets a book!https://www.youtube.com/watch?v=6OaYA5nuI4A&ab_channel=SheHacksPurpleMeet Tanya JancaTanya Janca, also known as WehackPurple, is the author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives.Founder: We Hack Purple (Academy, Community, and Podcast), WoSEC International (Women of Security), OWASP DevSlop, OWASP Victoria, #CyberMentoringMondayFollow Tanya on Twitter: https://twitter.com/shehackspurpleFollow Tanya on LinkedIn:https://www.linkedin.com/in/tanya-jancaFollow Tanya on Medium: https://medium.com/@shehackspurpleFollow Tanya on YouTube:https://www.youtube.com/shehackspurpleFollow Tanya on Twitch:https://www.twitch.tv/shehackspurpleCoSeCast is powered by StackRox SecurityThe only Kubernetes-native container security platformStackRox has set the standard in container and Kubernetes security, protecting cloud-native apps across the full life cycle — build, deploy, and runtime.Steve GiguereSteve is the Director of Solutions and Community for EMEA for StackRox.He is a serial podcaster having hosted his solo editorial podcast called Codifyre, as well as podcasts for Synopsys and Aqua Security called Hacking Security and BeerSecOps.He's a fun and entertain public speaker on application, cloud native and kubernetes security and when he's not doing that he loves music. He's composed and played the theme music for this and each of his other podcasts.Learn more...https://stevegiguere.com/
Tanya Janca is the founder of WoSEC International (Women of Security). WoSEC is a community for women, including LGBTQ+ women, non-binary, trans and gender nonconforming, who have an interest in cyber security. Tanya's passion is around creating a more secure world/internet. She is also a huge advocate for bringing on more women, people of colour and other minorities into the application security world. In this episode of the INSPIRE 20 podcast Tanya discusses her career in cyber security, her work with WoSEC and also a movement named #Cybermentoringmonday.
Colin Bell, Rob Cuddy and Kris Duer from HCL Software bring you another discussion Application Security, DevSecOps and AppScan. This episode includes an exciting discussion about all things purple with Tanya Janca from "WeHackPurple" fame.
In this episode, we talk with the unique Tanya Janca she hacks purple. Tanya Janca launched she hack purple some time ago and now launched the new line of more inclusive training We Hack Purple. Tanya is a friend and a reference figure for appsec around the globe. The podcast is brought you by the generosity of NSC42 Ltd, your cybersecurity partner. Cybersecurity is a complex and different for every organization, and you need the best-tailored service to make sure your customer's data is safe and sound so that you can focus on what's important, focusing on your clients and bringing the best and safest experience. NSC42 Ltd can help you during your cloud transformation, cybersecurity assessment for your compliance checklist on-premises and on the cloud. Want to know more? Visit www.nsc42.co.uk to get your free quote. Tanya Janca, also known as ‘SheHacksPurple', is the founder, security trainer and coach of https://SheHacksPurple.dev, specializing in software and cloud security. Her obsession with securing software runs deep, from starting her company, to running her own OWASP chapter for 4 years in Ottawa, co-founding a new OWASP chapter in Victoria, and co-founding the OWASP DevSlop open-source and education project. With her countless blog articles, workshops and talks, her focus is clear. Tanya is also an advocate for diversity and inclusion, co-founding the international women's organization WoSEC, starting the online #MentoringMonday initiative, and personal mentoring, advocating for and enabling countless other women in her field. As a professional computer geek of 20+ years, she is a person who is truly fascinated by the ‘science' of computer science. Francesco is an Executive, Public Speaker, out of the box thinker. Francesco is the Executive director of NSC42 Ltd a UK based cybersecurity consultancy. As an executive, he loves to stay close to the technology but to keep it simple. Francesco is data and result-driven Cyber Security Executive/vCISO highly regarded for planning and executing strategic infosec improvement programs that protect data and technical assets, reduce security risks, and align with long-term organisational goals. Francesco is a well-known speaker, Head of the Cloud security alliance UK, and Director of the cyber security consultancy NSC42 https://www.shehackspurple.dev/ Social Media Links Follow us on social media to get the latest episodes: Website: www.cybersecuritycloudpodcast.com Youtube: https://www.youtube.com/SheHacksPurple You can listen to this podcast on your favourite player: Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463 Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ Linkedin: https://www.linkedin.com/company/35703565/admin/ Twitter: https://twitter.com/podcast_cyber Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/
© 2020-2025 Ivy Podcast Discovery LLC
