Ep. 4: Application Security with Tanya Janca, head of community and education at Semgrep

The Security Detail

Application security is crucial for protecting sensitive data and ensuring the integrity and trustworthiness of software systems against cyber threats. In this episode, Tanya Janca, head of community and education at Semgrep discusses the importance of “shifting left” in the software development lifecycle, along with the best and worst practices in DevSecOps. Tanya has been coding and working in IT for more than 25 years and is the best-selling author of the book ‘Alice and Bob Learn Application Security’. You can follow Tanya on social media under the handle @SheHacksPurple.

Resources: 

Semgrep website: https://semgrep.dev/

'Alice and Bob Learn Application Security': https://www.amazon.com/Alice-Bob-Learn-Application-Security/dp/B097NJSSV8

'Alice and Bob Learn Secure Coding': https://www.wiley.com/en-us/Alice+and+Bob+Learn+Secure+Coding-p-9781394171705

SheHacksPurple YouTube: https://www.youtube.com/channel/UCyxbNw11fMUgoR3XpVYVPIQ

SheHacksPurple website: https://shehackspurple.ca/

OWASP Global AppSec Conference: https://sf.globalappsec.org/

CISA Secure by Design: https://www.cisa.gov/securebydesign

Tanya's RSAC Talk on DevSecOps worst practices: https://www.rsaconference.com/library/Presentation/USA/2023/DevSecOps%20Worst%20Practices

RSAC Presentation: 'The End of DevSecOps?' by DJ Schleen: https://www.rsaconference.com/Library/presentation/usa/2024/the%20end%20of%20devsecops

Executive Order on Improving the Nation’s Cybersecurity (SBOMs): https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes, and get the latest updates.

Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada