Application Security AppSec 101 - Tanya Janca
Cloud Security Podcast2 Elo 2020

Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, specially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk in the infrastructure risk to get a wholistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Jaksot(344)

What is Cloud Native Application Protection Platform - CNAPP Explained!

What is Cloud Native Application Protection Platform - CNAPP Explained!

In this episode of the Virtual Coffee with Ashish edition, we spoke with Om Moolchandani (@omaitrika) is a CISO and CTO at Accurics (@AccuricsSec).. Episode ShowNotes, Links and Transcript on Cloud Se...

17 Loka 202148min

Google Cloud Next 21, Kubecon and VMworld - Cloud Security News

Google Cloud Next 21, Kubecon and VMworld - Cloud Security News

Cloud Security News this week 14 October 2021 It's an eventful month for all things cloud as Google Cloud Next 21 and Kubecon are happening this week. Ashish from Cloud Security Podcast was co-hosting...

13 Loka 20214min

Implementing Cloud Security Tools the Right way - Stay Alert Not Fatigue!

Implementing Cloud Security Tools the Right way - Stay Alert Not Fatigue!

In this episode of the Virtual Coffee with Ashish edition, we spoke with Gaurav Kumar (@gauravphoenix) is the Founder of Dassana (@DassanaSecurity). Episode ShowNotes, Links and Transcript on Cloud Se...

10 Loka 202135min

AWS Launches Cloud Control API - Cloud Security News

AWS Launches Cloud Control API - Cloud Security News

Cloud Security News this week 06 October 2021 AWS has announced the availability of AWS Cloud Control API - a set of common application programming interfaces (APIs) that are designed to make it eas...

6 Loka 20213min

Data Security in Cloud with David McCaw, Dasera

Data Security in Cloud with David McCaw, Dasera

In this episode of the Virtual Coffee with Ashish edition, we spoke with David McCaw (Linkedin - David McCaw) is a Co-Founder of Dasera (@DaseraInc). Episode ShowNotes, Links and Transcript on Cloud S...

3 Loka 202149min

Cloud Security ranks in 2021 OWASP Top 10 - Cloud Security News

Cloud Security ranks in 2021 OWASP Top 10 - Cloud Security News

Cloud Security News this week - 29 September 2021 Amazon Web Services, Google Cloud, IBM, and Microsoft have joined forces this week with the Enterprise Data Management (EDM) Council to publish a f...

29 Syys 20213min

Cloud Security Careers: Application Security Engineer Skills with Tanya Janca

Cloud Security Careers: Application Security Engineer Skills with Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca (@shehackspurple) is an Author, Security Trainer and Founder of We Hack Purple (@WeHackPurple). Episode ShowNotes,...

26 Syys 202144min

Cloud Security Careers: Threat Analyst Skills

Cloud Security Careers: Threat Analyst Skills

In this episode of the Virtual Coffee with Ashish edition, we spoke with Abisola Dayspring Johnson aka Day (@CyberwoxAcademy) is a Threat Analyst at Optiv (@Optiv) and the Founder of Cyberwox Academy ...

24 Syys 202141min