Application Security AppSec 101 - Tanya Janca

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.

• Host: Ashish Rajan - Twitter @hashishrajan
• Guest: Tanya Janca - Linkedin    
  

Tanya & Ashish spoke about

• Who is Tanya Janca? :)
• What was your path into CyberSecurity or your current role?
• What has professional life been after leaving Microsoft?
• What does Cloud Security mean for you?
• What is Application Security or AppSec?
• Tanya Janca’s Book - “Alice and Bob learn Application Security”
• How can someone start in Application Security, specially if they are trying to move laterally?
• What is Static Code Analysis?
• What is DevSecOps
• What is CI/CD Pipeline?
• Loss of AppSec knowledge when people move on? How do you find the motivation to continue?
• What is an AppSec Program and how can one make it successful?
• What does a Mature AppSec Program look like?
• Are there any tools used for Threat Modelling or is it conducted separately?
• What’s the most difficult piece of AppSec discipline to explain to others again and again?
• How do I get buy in from management?
• How do you do Threat Modelling in CI/CD Pipeline or automate it?
• What soft skills do you need to be an Application Security person?
• How do you merge AppSec risk in the infrastructure risk to get a wholistic view?
  

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv

Twitter - @kaizenteq @hashishrajan

If you want to watch videos of this and previous episodes:

- Twitch Channel: https://lnkd.in/gxhFrqw

- Youtube Channel: https://lnkd.in/gUHqSai