Application Security AppSec 101 - Tanya Janca
Cloud Security Podcast2 Elo 2020

Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, specially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk in the infrastructure risk to get a wholistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Jaksot(344)

AWS Earns over 16billion this quarter + SEGA on Microsoft Azure - Cloud Security News

AWS Earns over 16billion this quarter + SEGA on Microsoft Azure - Cloud Security News

Cloud Security News this week 27 October 2021 In case you missed the quarterly earnings updates from last episode, I do encourage you to check it out to see how Google Cloud and Azure faired last Qu...

3 Marras 20213min

How to Build Applications with Zero Trust Principles

How to Build Applications with Zero Trust Principles

In this episode of the Virtual Coffee with Ashish edition, we spoke with Maximilian Burkhardt (@maxb) is a Staff Security Engineer at Figma (@Figma) Episode ShowNotes, Links and Transcript on Cloud Se...

31 Loka 202142min

What is SaaS Security Posture Management (SSPM)?

What is SaaS Security Posture Management (SSPM)?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Chris Hughes (@Linkedin-Profile) is a host of the Resilient Cyber Podcast. Episode ShowNotes, Links and Transcript on Cloud Sec...

28 Loka 202120min

AWS Lands UK Spy Services Contact + Google Cloud + Azure release Q3 results - Cloud Security News

AWS Lands UK Spy Services Contact + Google Cloud + Azure release Q3 results - Cloud Security News

Cloud Security News this week 27 October 2021 UK’s spy agencies have given a contract to AWS to host classified material. Their intention is to boost use of data analytics and artificial intelligenc...

27 Loka 20215min

Threat Detection and Incident Response in Cloud - Nathan Case

Threat Detection and Incident Response in Cloud - Nathan Case

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nathan Case ( Linkedin Profile ) is a Senior Director, Security Operations at Resilience. Episode ShowNotes, Links and Transcri...

24 Loka 202146min

HashiConf Global 2021 - Our Cloud Security Picks - Cloud Security News

HashiConf Global 2021 - Our Cloud Security Picks - Cloud Security News

Cloud Security News this week 22 October 2021 Hope you have been enjoying your Cloud Security News this week and in our special third instalment for this week we bring you our best bits from Hashiconf...

22 Loka 20213min

Talks not to be missed at Kubecon North America 2021 - Cloud Security News

Talks not to be missed at Kubecon North America 2021 - Cloud Security News

Cloud Security News this week 21 October 2021 It's a month full of conferences and as promised we are back with our 2nd episode this week to bring you the cloud security highlights from KubeCon. In th...

21 Loka 20213min

All the Security Updates - Google Cloud Next 21 - Cloud Security News

All the Security Updates - Google Cloud Next 21 - Cloud Security News

Cloud Security News this week 20 October 2021 Google Cloud is adding new features to their zero trust access solution, BeyondCorp Enterprise which will enable identity and context-aware access to no...

20 Loka 20215min