Application Security AppSec 101 - Tanya Janca
Cloud Security Podcast2 Elo 2020

Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, specially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk in the infrastructure risk to get a wholistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Jaksot(345)

Cloud Security Monitoring in a Modern Security Stack

Cloud Security Monitoring in a Modern Security Stack

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jack Naglieri (Jack's Twitter) about what Security Monitoring can look like for a Cloud Native Company Episode ShowNotes, Link...

8 Syys 202236min

API SECURITY BEST PRACTICES 2022

API SECURITY BEST PRACTICES 2022

In this episode of the Virtual Coffee with Ashish edition, we spoke with Corey Ball (Corey's Twitter) about what does API in a modern software stack looks like and how these can be attacked and protec...

5 Syys 202239min

BlackHat Defcon 2022 - The Cloud Security Edition

BlackHat Defcon 2022 - The Cloud Security Edition

Special Episode by Shilpi and Ashish sharing their recap, highlights, big takeaways, Cloud Talks and Training from Hacker Summer Camp - Blackhat Defcon Diana Initiative BSides Vegas 2022. Blog with li...

28 Elo 20221h 2min

HOW TO Threat Model Digital Applications in Cloud

HOW TO Threat Model Digital Applications in Cloud

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jeevan Singh (Jeevan's Linkedin) about Threat Modelling STRIDE Threat Modelling can be used for self service Application runnin...

21 Elo 202259min

HOW TO SECURE CONTAINER ENVIRONMENT FOR FINANCIAL SERVICES

HOW TO SECURE CONTAINER ENVIRONMENT FOR FINANCIAL SERVICES

In this episode of the Virtual Coffee with Ashish edition, we spoke with Karthik Ramamoorthy (Karthik's Linkedin) about Container security with NIST Framework for financial services organizations. Epi...

7 Elo 202255min

AWS ReInforce 2022 Recap & Highlights

AWS ReInforce 2022 Recap & Highlights

Special Episode by Shilpi and Ashish sharing their recap, highlights, big takeaways, meh moments and in person experience from AWS ReInforce 2022. Twitter Space with Cloud Security Community about the...

2 Elo 202253min

Fundamentals of AWS Cloud Security Assessment

Fundamentals of AWS Cloud Security Assessment

In this episode of the Virtual Coffee with Ashish edition, we spoke with Cassandra Young (@muteki_rtw) Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Ho...

30 Heinä 202249min

So Now You Know!

So Now You Know!

Special Episode by Shilpi and Ashish announcing the 1 year partnership with Snyk and what does this mean for the podcast community - you and also for Ashish and Shilpi. The new Architecture series we ...

28 Heinä 202218min