The Modern .NET Show

The Security Expert Speaks: Tanya Janca on Learning to Code Securely

Jan 24, 2025
Tanya Janca, an application security expert and author of 'Alice and Bob Learn Application Security,' discusses the alarming trend of teaching insecure coding practices right from the 'Hello, World' program. She emphasizes the importance of secure coding throughout the development lifecycle and shares insights on tool selection and fostering a culture of security awareness. Tanya also highlights key strategies to prevent vulnerabilities and the necessity of aligning security needs with development teams, ensuring safer coding practices in today's tech landscape.
ADVICE

Teach Secure Coding From Start

  • Avoid teaching insecure coding from day one in your tutorials or courses.
  • Always validate and encode user inputs to prevent vulnerabilities like cross-site scripting.
ADVICE

Use Frameworks and SDLC Security

  • Use modern frameworks and their latest security features instead of writing your own.
  • Incorporate security steps in each phase of your software development lifecycle for better software.
ADVICE

Integrate Security Throughout Development

  • Engage security professionals early in projects and maintain open communication.
  • Use IDE plugins and code scanning tools to catch security issues as you code and check in.