Application Security AppSec 101 - Tanya Janca - a podcast by Kaizenteq Team

from 2020-08-02T11:28:54


In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca, Founder, SheHacksPurple & WeHackPurple.



Tanya & Ashish spoke about



  • Who is Tanya Janca? :)

  • What was your path into CyberSecurity or your current role?

  • What has professional life been after leaving Microsoft?

  • What does Cloud Security mean for you?

  • What is Application Security or AppSec?

  • Tanya Janca’s Book - “Alice and Bob learn Application Security”

  • How can someone start in Application Security, especially if they are trying to move laterally?

  • What is Static Code Analysis?

  • What is DevSecOps?

  • What is CI/CD Pipeline?

  • Loss of AppSec knowledge when people move on? How do you find the motivation to continue?

  • What is an AppSec Program and how can one make it successful?

  • What does a Mature AppSec Program look like?

  • Are there any tools used for Threat Modelling or is it conducted separately?

  • What’s the most difficult piece of AppSec discipline to explain to others again and again?

  • How do I get buy in from management?

  • How do you do Threat Modelling in CI/CD Pipeline or automate it?

  • What soft skills do you need to be an Application Security person?

  • How do you merge AppSec risk into infrastructure risk to get a holistic view?



ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv


Twitter - @kaizenteq @hashishrajan


If you want to watch videos of this and previous episodes:


- Twitch Channel: https://lnkd.in/gxhFrqw


- Youtube Channel: https://lnkd.in/gUHqSai
