Application Security AppSec 101 - Tanya Janca
Cloud Security Podcast2 Elo 2020

Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

Tanya & Ashish spoke about

  • Who is Tanya Janca? :)
  • What was your path into CyberSecurity or your current role?
  • What has professional life been after leaving Microsoft?
  • What does Cloud Security mean for you?
  • What is Application Security or AppSec?
  • Tanya Janca’s Book - “Alice and Bob learn Application Security”
  • How can someone start in Application Security, specially if they are trying to move laterally?
  • What is Static Code Analysis?
  • What is DevSecOps
  • What is CI/CD Pipeline?
  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
  • What is an AppSec Program and how can one make it successful?
  • What does a Mature AppSec Program look like?
  • Are there any tools used for Threat Modelling or is it conducted separately?
  • What’s the most difficult piece of AppSec discipline to explain to others again and again?
  • How do I get buy in from management?
  • How do you do Threat Modelling in CI/CD Pipeline or automate it?
  • What soft skills do you need to be an Application Security person?
  • How do you merge AppSec risk in the infrastructure risk to get a wholistic view?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai

Jaksot(344)

WHAT THE HECK IS CI/CD | Continuous Integration | Delivery | Deployment - Melissa Benua

WHAT THE HECK IS CI/CD | Continuous Integration | Delivery | Deployment - Melissa Benua

In this episode of the Virtual Coffee with Ashish edition, we spoke with Melissa Benua, Director of Engineering Host: Ashish Rajan - Twitter @hashishrajan Guest: Melissa Benua - Linkedin @mbenua I...

8 Marras 202042min

HOW TO PREPARE FOR GDPR IN AZURE CLOUD ENVIRONMENT- Naomi Buckwalter

HOW TO PREPARE FOR GDPR IN AZURE CLOUD ENVIRONMENT- Naomi Buckwalter

In this episode of the Virtual Coffee with Ashish edition, we spoke with Naomi Buckwalter Host: Ashish Rajan - Twitter @hashishrajan Guest: Naomi Buckwalter - Linkedin @naomi-buckwalter In this ep...

1 Marras 202046min

HOW TO START in BUG BOUNTY IN 2020 with Casey Ellis, BugCrowd

HOW TO START in BUG BOUNTY IN 2020 with Casey Ellis, BugCrowd

In this episode of the Virtual Coffee with Ashish edition, we spoke with Casey Ellis Host: Ashish Rajan - Twitter @hashishrajan Guest: Casey Ellis - Linkedin @caseyjohnellis In this episode, Casey...

25 Loka 20201h 5min

CONTINUOUS MONITORING FOR CONTROLS & VULNERABILITIES - DANIEL MIESSLER

CONTINUOUS MONITORING FOR CONTROLS & VULNERABILITIES - DANIEL MIESSLER

In this episode of the Virtual Coffee with Ashish edition, we spoke with Daniel Miessler Host: Ashish Rajan - Twitter @hashishrajan Guest: Daniel Miessler - Linkedin @danielmiessler In this episod...

18 Loka 202048min

AWS SECURITY IN A LARGE REGULATED ENTERPRISE! - HOUSTON HOPKINS, CAPITAL ONE

AWS SECURITY IN A LARGE REGULATED ENTERPRISE! - HOUSTON HOPKINS, CAPITAL ONE

In this episode of the Virtual Coffee with Ashish edition, we spoke with Houston Hopkins, Director CyberSecurity, Capital One Host: Ashish Rajan - Twitter @hashishrajan Guest: Houston Hopkins - Lin...

11 Loka 20201h 1min

CISO Challenges in Cloud Security - Caleb Sima, VP - Security at Databricks

CISO Challenges in Cloud Security - Caleb Sima, VP - Security at Databricks

In this episode of the Virtual Coffee with Ashish edition, we spoke with Caleb Sima, VP - Security, Databricks Host: Ashish Rajan - Twitter @hashishrajan Guest: Caleb Sima - Linkedin @CalebSima I...

4 Loka 20201h 6min

WHAT IS SECURITY CHAOS ENGINEERING? - JEROME WALTER, SECURITY MODERNISATION

WHAT IS SECURITY CHAOS ENGINEERING? - JEROME WALTER, SECURITY MODERNISATION

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jerome Walter, Security Modernisation, Director, VMWare Host: Ashish Rajan - Twitter @hashishrajan Guest: Jerome Walter - Li...

27 Syys 20201h 2min

Security and Compliance in AWS Cloud

Security and Compliance in AWS Cloud

In this episode of the Virtual Coffee with Ashish edition for Cloud Security Podcast, we spoke with Alexander J Yawn - ISC2 Miami Board Member | NABCRMP Founding Board Member Host: Ashish Rajan - Tw...

20 Syys 20201h 1min