Tanya Janca

Tanya Janca, a renowned AppSec expert and founder of We Hack Purple, shares gripping tales from her cybersecurity journey. She vividly recounts how a single SQL injection changed her career and describes her first penetration testing experiences. Tanya reveals an incident where exploratory inputs crashed a production server and led to a significant data leak. She discusses her role in incident response and the importance of training help desk teams in recognizing security threats. Her passion for secure coding inspires developers to prioritize cybersecurity.

In this discussion, Tanya Janca, author of 'Alice and Bob Learn Secure Coding' and a leading voice in application security, shares her insights on integrating security throughout the software development lifecycle. She emphasizes the importance of defining security requirements early and using threat modeling in design. Tanya details secure coding practices, effective testing strategies like SAST and DAST, and the necessity of continuous security monitoring post-deployment. With a focus on practical techniques and real-world examples, she guides developers on enhancing software security.

Tanya Janca, a cybersecurity expert with 28 years of experience and author of "Alice and Bob Learn Secure Coding," sheds light on the pitfalls of treating security as an afterthought. She emphasizes the need to redefine security as an ongoing practice rather than a final gate. Tanya shares insights on enhancing developer empowerment through clear guidelines and internal knowledge libraries. The conversation also touches on the evolving relationship between AI integration and security, advocating for continuous learning and critical evaluation of AI-generated code.

Join Francis Odum, founder of Software Analyst Cyber Research, Chris Hughes of Aquia and Resilient Cyber, cloud and AppSec engineer James Berthoty, and secure coding advocate Tanya Janca as they unpack insights from RSA Conference 2025. They discuss the transformative impact of AI on AppSec and security operations, the importance of runtime security, and innovative strategies for vulnerability management. Expect candid takes on industry challenges like ransomware and the diminishing focus on zero trust—along with actionable insights for the future of cybersecurity.

In this engaging chat, Tanya Janca, known as SheHacksPurple, shares her insights as an AppSec expert and author. She discusses why traditional security policies often flop and how to make them more effective. Bridging the gap between developers and policy writers is key—Tanya emphasizes the need for practical, simplified guidelines. She also touches on her advocacy work in enhancing cybersecurity within government sectors. Tune in for her tips on empowering developers and making security accessible!

Tanya Janca, an application security expert and author of 'Alice and Bob Learn Application Security,' discusses the alarming trend of teaching insecure coding practices right from the 'Hello, World' program. She emphasizes the importance of secure coding throughout the development lifecycle and shares insights on tool selection and fostering a culture of security awareness. Tanya also highlights key strategies to prevent vulnerabilities and the necessity of aligning security needs with development teams, ensuring safer coding practices in today's tech landscape.

In this enlightening chat, Tanya Janca, a Canadian application security expert and advocate known as She Hacks Purple, shares her odyssey from software development to penetration testing. She addresses the critical need for secure coding education in academia and highlights her initiatives, WOsec and We Hack Purple, aimed at empowering women in cybersecurity. Tanya dives into the role of AI in enhancing secure code, the economics of open-source security, and the importance of integrating security practices throughout the software development lifecycle.

In a riveting discussion, Tanya Janca, developer relations at Semgrep and author of 'Alice and Bob Learn Secure Coding,' joins Ed Gaudet, CEO of SenseNet, to tackle cybersecurity in healthcare. They explore why healthcare remains tough to disrupt and emphasize the critical need for enhanced security amidst rising ransomware threats. Tanya shares insights from her book on secure coding, while Ed highlights the unique risks rural healthcare facilities face. Their engaging conversation underscores the urgent mission to safeguard patient safety in the evolving digital landscape.

In this engaging discussion, Tanya Janca, Head of Community at Semgrep and security trainer at She Hacks Purple, shares insights from her new book aimed at helping developers write secure code. She emphasizes the critical importance of validating inputs and adopting a zero-trust security model. Tanya discusses balancing security with usability, especially in sensitive environments like hospitals. She also explores effective strategies for securing legacy applications and the need for continuous security testing in the software development lifecycle.

In this engaging discussion, Tanya Janca, an AppSec expert and author of 'Alice and Bob Learn Secure Coding', dives into the essentials of secure coding practices. She shares insights on the lack of formal security education and advocates for improved AppSec curricula. Tanya emphasizes practical training and accessible resources for developers, while also reflecting on her personal journey in learning and teaching. Key topics include the importance of not trusting input and the principle of defense in depth, all presented with a relatable touch.