Application Security AppSec 101 - Tanya Janca
Cloud Security Podcast2 Elo 2020

Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, specially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk in the infrastructure risk to get a wholistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Jaksot(344)

AWS Security - Managing Threat Detection and Response

AWS Security - Managing Threat Detection and Response

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ely Khan (@elykahn) is the Principal Product Manager at AWS (@AWS). Episode ShowNotes, Links and Transcript on Cloud Security P...

21 Heinä 202146min

Cloud Security RoadMap - Scott Piper

Cloud Security RoadMap - Scott Piper

In this episode of the Virtual Coffee with Ashish edition, we spoke with Scott Piper (@0xdabbad00) is a AWS Security Legend who has written AWS Security tools for the community and among other things ...

18 Heinä 20211h 4min

Comparing Cloud Security Tools - CWPP, CSPM, CASB & CNAPP

Comparing Cloud Security Tools - CWPP, CSPM, CASB & CNAPP

In this episode of the Virtual Coffee with Ashish edition, we spoke with Patrick Pushor (@CloudChronicle) is the Technical Evangelist at Orca Security (@OrcaSec). Episode ShowNotes, Links and Transcri...

11 Heinä 202149min

Cloud Infrastructure Security at Scale - Netflix

Cloud Infrastructure Security at Scale - Netflix

In this episode of the Virtual Coffee with Ashish edition, we spoke with Srinath Kuruvadi (@Srinath Kuruvadi) is the Head of Cloud Infrastructure Security at Netflix (@Netflix). Episode ShowNotes, Lin...

4 Heinä 202149min

Hacker Valley Studio - ExIST Framework to reach Peak Performance in CyberSecurity

Hacker Valley Studio - ExIST Framework to reach Peak Performance in CyberSecurity

In this episode of the Virtual Coffee with Ashish edition, we spoke with Chris Cochran (@chriscochrcyber) and Ronald Eddings (@ronaldeddings) are the host of a CyberSecurity Podcast called Hacker Vall...

27 Kesä 202137min

Finding Security Bugs in Google Cloud - Kat Traxler

Finding Security Bugs in Google Cloud - Kat Traxler

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kat Traxler (@nightmarejs) is the Cloud Security Engineering Lead, Best Buy(@BestBuy). Episode ShowNotes, Links and Transcript ...

20 Kesä 202137min

Hacker stories from the Internet - Darknet Diaries

Hacker stories from the Internet - Darknet Diaries

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jack Rhysider (@jackrhysider) is the host of Award Winning CyberSecurity Podcast Darknet Diaries (@DarknetDiaries). Episode Sho...

13 Kesä 202157min

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

In this Mid Week special episode of the CISO Perspective edition, we spoke with Andy Ellis (@csoandy) is the Operating Partner at YL Ventures (@YLVentures) and the ex-CISO of Akamai (@Akamai). Episode...

10 Kesä 202142min