Tanya Janca | SheHacksPurple
@shehackspurple.bsky.social
Secure Code Trainer - Best-selling author of Alice and Bob Learn Secure Coding & Alice and Bob Learn Application Security. #AppSec she/her
https://shehackspurple.ca 🌻
Legacy apps....
November 28, 2025 at 8:08 PM
Teacher asks students to get AI to write a report for them, then research all the ways it's wrong. Thoughts?
November 28, 2025 at 7:27 PM
Do you think the industry is better or worse at secure development now than it was 5 years ago? Why? Why not? #talkappsectome 
November 28, 2025 at 1:54 AM
The Psychology of Bad Code, part one of a very long blog series on why we write insecure code, and how I hope we can do better. Includes slides from my new talk: Threat Modeling Developer Behaviour: The Psychology of Bad Code!
shehackspurple.ca/2025/11/27/t...
November 28, 2025 at 12:49 AM
Big news in #AppSec: the #OWASP Top 10 2025 is now available! I'm part of the project team and ALL OF US want every dev, security engineer, and leader to read it (please).

https://twp.ai/E6DRWp

1/5
November 27, 2025 at 2:49 AM
Me: puts on music while making content
Also me: gets distracted, music is too good! Turns it off.

5 minutes goes by...

Me: I should put on music....
November 26, 2025 at 11:51 PM
Can someone help me find a version of this image without the text so I can make my own dumb meme of it? I tried doing Google's search by image, but it only found more memes. Thoughts? How does one search that way? Or am I out of luck?
November 26, 2025 at 7:04 PM
Guess who overdid it a bit at the gym and has a sore shoulder today? 😊 But guess who's also not giving up? Anyone need a bit of motivation today? In case you forgot: YOU CAN DO IT!

#wehackhealth
November 26, 2025 at 12:44 AM
Important question for software developers: what do you wish you knew more about in regard to creating more secure software? If you could suddenly know something, like Neo in the matrix, what would it be?

I will see if I can help.
November 25, 2025 at 11:55 PM
Software Supply Chain: Bigger (and Scarier) Than We Realize - a blog post by meeeeeee!

When we talk about software supply chain security, most people think only of dependencies (open-source libraries and frameworks).

https://twp.ai/9PY9lB
#appsec #supplychain
1/2
November 25, 2025 at 6:43 PM
If all the tools in your cyber security tool set formed a band, what would they be called? And what type of music would they play? Mine would be called Bleeding Endpoint, and they would play alt metal.

🤘
November 25, 2025 at 4:44 PM
We, as an industry, need to start giving very specific and clear advice, if we want to have better outcomes. No more high level, vague, and ambiguous advice please. #SpecificSecurity #BeSpecific

https://twp.ai/ImshpN
1/2
November 24, 2025 at 4:21 PM
It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect!
November 24, 2025 at 3:00 PM
I was on the podcast "Who is Agile", check out my episode "Saying no..."

https://twp.ai/9PY8eW
November 23, 2025 at 8:42 PM
How To Get Your First Job In #Cybersecurity: a blog post of all the steps you need to transition into #InfoSec!

https://twp.ai/9PYTFH
November 22, 2025 at 11:39 PM
Reposted by Tanya Janca | SheHacksPurple
I post on #CyberMentoringMonday when I remember to, and I’m happy to help out students as well! I’m not a CISO or founder or anything exciting and glamorous, but I’ve got a decade of experience building software and another 6 years securing it.
April 14, 2025 at 12:32 AM
Insecure code? Need some training? Call me! Funny memes included!
https://twp.ai/9PX67U
November 22, 2025 at 3:57 AM
It happens to us all
November 21, 2025 at 11:22 PM
It is Friday. PLEASE tell me your best cyber puns. 🙏

I shall start:

Where did the hacker go?
She ransomware.

Womp womp! Send me your groaners!
November 21, 2025 at 7:28 PM
Random Tanya Thoughts on Video: securing vibe coded apps built by non-software engineers. How do we handle that?????
https://twp.ai/9PYWuo
November 21, 2025 at 7:00 PM
OWASP Vancouver is kicking off with Greg Sienkiewicz speaking about #devsecops and pizza!!!!
November 21, 2025 at 2:12 AM
When should security not block a release? Or should it never block? What is worthy of a block? Or, should we have fixed things before the CI? What are your thoughts? #talkappsectome 
November 20, 2025 at 10:30 PM
FOLKS! The audiobook of Alice and Bob Learn Secure Coding is OUT on @audible now! If you buy it and like it, please rate it for me? I'm so pleased it's finally available.

https://twp.ai/9PYWwR
November 20, 2025 at 4:34 PM
"Malicious packages in npm evade dependency detection through invisible URL links: Report" Article by Howard Solomon, with quotes from me.

https://twp.ai/9PY4ZG
November 19, 2025 at 7:22 PM
I was on Darknet Diaries Ep. 165! Learn about dumb buildings with malware, how going to the dentist can get you in hot water, and that sharing breach information can get you buy-in with software developers.
YouTube: https://twp.ai/9PYFFl
Or any podcast platform
November 18, 2025 at 11:52 PM