Application Security AppSec 101 - Tanya Janca


In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about:

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, especially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps?
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk into the infrastructure risk to get a holistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Episodes (344)

Manage Privileged Access for Kubernetes & Cloud


In this episode of the Virtual Coffee with Ashish edition, we spoke with Sakshyam Shah from Teleport. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host...

22 April 2022, 44 min

How to become a Cloud Native Security Engineer


In this episode of the Virtual Coffee with Ashish edition, we spoke with Pushkar Joglekar, Sr. Security Engineer, VMware Tanzu. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cl...

10 April 2022, 44 min

Service Mesh Security EXPLAINED!


In this episode of the Virtual Coffee with Ashish edition, we spoke with William Morgan, ex Twitter, CEO Buoyant. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypo...

3 April 2022, 50 min

Scaling a Practical AWS Asset Management Program


In this episode of the Virtual Coffee with Ashish edition, we spoke with Jasmine Henry & George Tang from JupiterOne. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecurit...

27 March 2022, 40 min

Threat Hunting in AWS


In this episode of the Virtual Coffee with Ashish edition, we spoke with Eliav Livneh, Lead Security Researcher at Hunters. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.clouds...

20 March 2022, 43 min

What is SBOM, iBOM?


In this episode of the Virtual Coffee with Ashish edition, we spoke with Barak Schoster Goihman, Senior Director, Chief Architect at Palo Alto Networks (BridgeCrew). Episode ShowNotes, Links and Transc...

13 March 2022, 39 min

Security for AI/ML Models in AWS


In this episode of the Virtual Coffee with Ashish edition, we spoke with Mike Chambers @mikechambers, AWS Hero AI/ML. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuri...

6 March 2022, 54 min

Building Google Cloud Security Products


In this episode of the Virtual Coffee with Ashish edition, we spoke with Sunil Potti @sunilpotti VP/GM, Google Cloud. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecurit...

3 March 2022, 47 min