Application Security AppSec 101 - Tanya Janca
Cloud Security Podcast2 Elo 2020

Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, specially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk in the infrastructure risk to get a wholistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Jaksot(344)

Kubernetes (Goat) Vulnerable by Design - Madhu Akula

Kubernetes (Goat) Vulnerable by Design - Madhu Akula

In this episode of the Virtual Coffee with Ashish edition, we spoke with Madhu Akula (@madhuakula) is an international Kubernetes Security Public Speaker, Black Hat Trainer, Creator of open source rep...

2 Touko 202149min

CISO PERSPECTIVE SERIES: LINKEDIN CISO - Geoff Belknap

CISO PERSPECTIVE SERIES: LINKEDIN CISO - Geoff Belknap

In this episode of the Virtual Coffee with Ashish edition, we spoke with Geoff Belknap (@geoffbelknap) is the Chief Security Officer of Linkedin (@LinkedIn). In this episode, Geoff & Ashish spoke abou...

27 Huhti 202153min

Study Hall: Honest truth behind learning Kubernetes

Study Hall: Honest truth behind learning Kubernetes

In this Study Hall - Kelsey Hightower explains is it really complex to learn Kubernetes and whether it's really complex. Nothing but the Honest Trust from Kelsey on this episode. Full Episode on Clo...

27 Huhti 20215min

Building Threat Detection for your Cloud Environment

Building Threat Detection for your Cloud Environment

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ashwin Patil (@ashwinpatil) who is a returning guest from Season 1 of the Cloud Security Podcast. Ashwin is a Senior Program Ma...

18 Huhti 202150min

Cloud Governance using Infrastructure as Code (IaC)

Cloud Governance using Infrastructure as Code (IaC)

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ohad Maishlish is the CEO & Co-Founder of env0. Host: Ashish Rajan - Twitter @hashishrajan Guest: Ohad Maislish - Linkedin ...

11 Huhti 202140min

Kubernetes Security Explained for those starting today! - Kelsey Hightower

Kubernetes Security Explained for those starting today! - Kelsey Hightower

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kelsey Hightower (@kelseyhightower) is the Staff Advocate at Google Cloud (@GoogleCloud) and co-author of “Kubernetes: Up and R...

4 Huhti 202154min

Getting Infrastructure as Code (IaC) Security Culture right! - Yoni Leitersdorf

Getting Infrastructure as Code (IaC) Security Culture right! - Yoni Leitersdorf

In this episode of the Virtual Coffee with Ashish edition, we spoke with Yoni Leitersdorf (@yonadavl) who is the CEO & Co-Founder of Indeni Host: Ashish Rajan - Twitter @hashishrajan Guest: Yoni Le...

28 Maalis 202143min

Azure Security Best Practices for Cloud Architects - John Savill

Azure Security Best Practices for Cloud Architects - John Savill

In this episode of the Virtual Coffee with Ashish edition, we spoke with John Savill (Linkedin_John Savill) is the Principal Cloud Architect, Author and YouTuber. Host: Ashish Rajan - Twitter @hashi...

21 Maalis 202157min