Application Security AppSec 101 - Tanya Janca
Cloud Security Podcast2 Elo 2020

Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, specially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk in the infrastructure risk to get a wholistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Jaksot(345)

Evolution of Kubernetes Security | KubeCon EU 2023

Evolution of Kubernetes Security | KubeCon EU 2023

Cloud Security Podcast -  we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the final episode in this series Kubernetes Security Panel from KubeCon EU 2023. Kubernetes Securit...

14 Touko 202355min

A DEV FRIENDLY CLOUD NATIVE SECURITY PIPELINE!

A DEV FRIENDLY CLOUD NATIVE SECURITY PIPELINE!

Cloud Security Podcast -  we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the fiveth episode in this series Eve Ben Ezra from The New York Times. GitOps, OPA Conftest, ArgoC...

11 Touko 202331min

THEY SCANNED ENTIRE GITHUB FOR SECRETS AND FOUND THIS!

THEY SCANNED ENTIRE GITHUB FOR SECRETS AND FOUND THIS!

Cloud Security Podcast -  we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the fourth episode in this series Mackenzie Jackson from GitGuardian. Mackenzie Jackson from GitGua...

9 Touko 202332min

Kubernetes Cluster Security Audit Explained

Kubernetes Cluster Security Audit Explained

Cloud Security Podcast -  we are continuing with our "Kubernetes Security & KubeCon EU 2023" and for the fourth episode in this series Shane Lawrence and Daniele Santos from Shopify explained how kube...

3 Touko 202341min

Network Security for Kubernetes

Network Security for Kubernetes

Cloud Security Podcast -  This month we are talking about "Kubernetes Security & KubeCon EU 2023" and for the third episode in this series, we spoke to Liz Rice ( Liz's Linkedin⁠). Liz Rice from Isova...

16 Huhti 202340min

CONTINUOUS KUBERNETES SECURITY IN 2023

CONTINUOUS KUBERNETES SECURITY IN 2023

Cloud Security Podcast -  This month we are talking about "Kubernetes Security & KubeCon EU 2023" and for the second episode in this series, we spoke to Andrew Martin (Andrew's Linkedin). Kubernetes S...

14 Huhti 202358min

2023 What Kubernetes Security Looks Like Today Series- DevSecOps

2023 What Kubernetes Security Looks Like Today Series- DevSecOps

Cloud Security Podcast -  This month we are talking about "Kubernetes Security & KubeCon EU 2023" and for the first episode in this series, we spoke to Kirsten Newcomer (Kirsten's Linkedin). Kirsten ...

13 Huhti 202347min

IS THERE DEVSECOPS IN CLOUD? 🤔

IS THERE DEVSECOPS IN CLOUD? 🤔

Cloud Security Podcast -  This month we are talking about "Cloud Security - the Leadership View" and for the final episode in this series, we spoke to Guy Podjarny ( GuyPo's Linkedin). If you are work...

27 Maalis 202350min