Tanya Janca

Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’. She is also the Head of Education and Community at Semgrep, sharing content and training that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty-seven years, has won countless awards, and has been everywhere from public service to tech giants, writing software, leading communities, founding companies and ‘securing all the things’. She is an award-winning public speaker, active blogger & podcaster and has delivered hundreds of talks on 6 continents. She values diversity, inclusion, and kindness, which shine through in her countless initiatives.

 

Advisor: Katilyst

Faculty: IANS Research

Founder: We Hack Purple, OWASP DevSlop, #CyberMentoringMonday, WoSEC

2024 Talk

Talk Title: Maturing Your Application Security Program

Talk Abstract:
After working with over 300 companies on their application security programs, the most common question I receive is “what’s next?”. They want to know how to mature their programs, and when they look at the maturity models available, they find them intimidating and so far beyond their current maturity level that they feel impossible. In this talk I will take you through 3 common AppSec program maturity levels I have encountered over the years, with practical and actionable next steps you could take immediately to improve your security posture.


2019 Talk

Talk Title: Cloud Native Security Explained

Talk Abstract:

Have you ever wondered how security is different ‘in the cloud’? What does “Cloud Native” even mean? What is “Zero Trust”? Serverless? Just in Time (access management)? And how do we secure these things? This talk is a whirlwind intro to securing cloud computing with audience participation (open discussion) and demonstrations of various new cloud security tactics in Azure. Demo will include:

  • Complete Azure Security Centre walkthrough

  • Policy and compliance, including subscription coverage

  • Resource Security Hygiene

  • Azure Security Centre Recommendations

  • Threat Protection, Alerts and Logging

  • Applying Just in Time

  • Forcing HTTPS on an app service

  • Anything else the audience wants to see, and that time will allow for