Tanya Janca | SheHacksPurple
@shehackspurple.bsky.social
Secure Code Trainer - Best-selling author of Alice and Bob Learn Secure Coding & Alice and Bob Learn Application Security. #AppSec she/her
https://shehackspurple.ca 🌻
https://shehackspurple.ca 🌻
I was on Darknet Diaries Ep. 165! Learn about dumb buildings with malware, how going to the dentist can get you in hot water, and that sharing breach information can you get buy in with software developers.
YouTube: https://twp.ai/9PYGmd
Or any podcast platform
YouTube: https://twp.ai/9PYGmd
Or any podcast platform
November 10, 2025 at 7:22 PM
I was on Darknet Diaries Ep. 165! Learn about dumb buildings with malware, how going to the dentist can get you in hot water, and that sharing breach information can you get buy in with software developers.
YouTube: https://twp.ai/9PYGmd
Or any podcast platform
YouTube: https://twp.ai/9PYGmd
Or any podcast platform
I'm hosting a free webinar, 'Metrics, Models & Mindsets: The Future of Application Security!', with Spyros Gasteratos and Aram Hovsepyan on Nov 12 · 8:30 AM PST. Wanna come?
https://twp.ai/9PWkQ5
https://twp.ai/9PWkQ5
November 9, 2025 at 5:26 PM
I'm hosting a free webinar, 'Metrics, Models & Mindsets: The Future of Application Security!', with Spyros Gasteratos and Aram Hovsepyan on Nov 12 · 8:30 AM PST. Wanna come?
https://twp.ai/9PWkQ5
https://twp.ai/9PWkQ5
My talk from @defcon.bsky.social is finally out! Watch 'Secure Code Is Critical Infrastructure: Hacking Policy for Public Good' here:
https://twp.ai/9PWUSj
If you like it, please give it a thumbs up. 👍
https://twp.ai/9PWUSj
If you like it, please give it a thumbs up. 👍
November 8, 2025 at 10:00 PM
My talk from @defcon.bsky.social is finally out! Watch 'Secure Code Is Critical Infrastructure: Hacking Policy for Public Good' here:
https://twp.ai/9PWUSj
If you like it, please give it a thumbs up. 👍
https://twp.ai/9PWUSj
If you like it, please give it a thumbs up. 👍
We, as an industry, need to start giving very specific and clear advice, if we want to have better outcomes. No more high level, vague, and ambiguous advice please.
youtu.be/XXtEpRN3ePc?...
#SpecificSecurity #BeSpecific #appsec #cybersecurity
youtu.be/XXtEpRN3ePc?...
#SpecificSecurity #BeSpecific #appsec #cybersecurity
November 8, 2025 at 9:32 PM
We, as an industry, need to start giving very specific and clear advice, if we want to have better outcomes. No more high level, vague, and ambiguous advice please.
youtu.be/XXtEpRN3ePc?...
#SpecificSecurity #BeSpecific #appsec #cybersecurity
youtu.be/XXtEpRN3ePc?...
#SpecificSecurity #BeSpecific #appsec #cybersecurity
I'm a big fan of https://twp.ai/9PY1su, but I don't love receiving breach notifications when I'm IN them! 😥
https://twp.ai/4ismgq
https://twp.ai/4ismgq
November 8, 2025 at 3:52 PM
I'm a big fan of https://twp.ai/9PY1su, but I don't love receiving breach notifications when I'm IN them! 😥
https://twp.ai/4ismgq
https://twp.ai/4ismgq
Dustin Lehr is helping us secure our apps, in a more friendly way!
@katilyst at #owasp #globalappsec
@katilyst at #owasp #globalappsec
November 7, 2025 at 6:49 PM
Dustin Lehr is helping us secure our apps, in a more friendly way!
@katilyst at #owasp #globalappsec
@katilyst at #owasp #globalappsec
It serves us all!
November 7, 2025 at 4:34 PM
It serves us all!
Adam Shostack is kicking off day 2 of #owaspglobalappsec with a conversation on the limits of risk. 🥳
November 7, 2025 at 2:08 PM
Adam Shostack is kicking off day 2 of #owaspglobalappsec with a conversation on the limits of risk. 🥳
"Malicious packages in npm evade dependency detection through invisible URL links: Report" Article by Howard Solomon, with quotes from me.
https://twp.ai/9PWt48
https://twp.ai/9PWt48
November 6, 2025 at 9:31 PM
"Malicious packages in npm evade dependency detection through invisible URL links: Report" Article by Howard Solomon, with quotes from me.
https://twp.ai/9PWt48
https://twp.ai/9PWt48
I'm doing a book signing (free books!) at the Smithy booth at #owaspglobalappsec, at 3:00 pm this afternoon! Come join me in the vendor area for books, stickers and conversations!
November 6, 2025 at 6:10 PM
I'm doing a book signing (free books!) at the Smithy booth at #owaspglobalappsec, at 3:00 pm this afternoon! Come join me in the vendor area for books, stickers and conversations!
What makes a “security champion” successful in a dev team? What makes them good at it? What makes a bad one? How can you tell if it's going well or not? #talkappsectome
November 6, 2025 at 4:25 PM
What makes a “security champion” successful in a dev team? What makes them good at it? What makes a bad one? How can you tell if it's going well or not? #talkappsectome
Daniel Miessler is kicking off #owaspglobalappsec with a talk about where everyone's career is going with the changes from AI. @DanielMiessler @owasp
November 6, 2025 at 2:28 PM
Daniel Miessler is kicking off #owaspglobalappsec with a talk about where everyone's career is going with the changes from AI. @DanielMiessler @owasp
Come see my talk with Neil Smithline about the new OWASP Top Ten, at #owaspglobalappsec, at 10:15 this morning!
November 6, 2025 at 2:07 PM
Come see my talk with Neil Smithline about the new OWASP Top Ten, at #owaspglobalappsec, at 10:15 this morning!
Secure coding in #JavaScript, my latest blog on @stackoverflow.blog.web.brid.gy. JavaScript is the front-end of the entire internet. Because JavaScript is so prolific, it’s a prime target for attackers.
https://twp.ai/9PWbls
https://twp.ai/9PWbls
November 5, 2025 at 6:28 PM
Secure coding in #JavaScript, my latest blog on @stackoverflow.blog.web.brid.gy. JavaScript is the front-end of the entire internet. Because JavaScript is so prolific, it’s a prime target for attackers.
https://twp.ai/9PWbls
https://twp.ai/9PWbls
November 4, 2025 at 10:13 PM
November 4, 2025 at 1:35 AM
Join me Nov 12, online, for the Harness DevSecOps Summit! I will be at the end of the day, doing a fireside chat with Adam Arellano, about securing AI as part of the SDLC. :-D
Register here for free: https://twp.ai/9PWOpi
Register here for free: https://twp.ai/9PWOpi
November 2, 2025 at 10:12 PM
Join me Nov 12, online, for the Harness DevSecOps Summit! I will be at the end of the day, doing a fireside chat with Adam Arellano, about securing AI as part of the SDLC. :-D
Register here for free: https://twp.ai/9PWOpi
Register here for free: https://twp.ai/9PWOpi
Homemade tomato sauce from tomatoes we grew. 🙂 #infosecgardening
November 2, 2025 at 5:17 PM
Homemade tomato sauce from tomatoes we grew. 🙂 #infosecgardening
Do you live in or near Cowichan Valley on Vancouver Island? Do you work in tech? Do you want to meet other nerds who live near you? Join the Cowichan Valley Open Hack meetup group or LinkedIn group! We want to hang with you!
https://twp.ai/ImrUoU
https://twp.ai/E6CFcQ
https://twp.ai/ImrUoU
https://twp.ai/E6CFcQ
November 2, 2025 at 2:59 AM
Do you live in or near Cowichan Valley on Vancouver Island? Do you work in tech? Do you want to meet other nerds who live near you? Join the Cowichan Valley Open Hack meetup group or LinkedIn group! We want to hang with you!
https://twp.ai/ImrUoU
https://twp.ai/E6CFcQ
https://twp.ai/ImrUoU
https://twp.ai/E6CFcQ
#infosecgardening We stopped watering the greenhouse a couple weeks ago when our well unexpectedly died, but apparently it's going to keep on giving anyway! I picked these all myself. 💪
November 2, 2025 at 1:47 AM
#infosecgardening We stopped watering the greenhouse a couple weeks ago when our well unexpectedly died, but apparently it's going to keep on giving anyway! I picked these all myself. 💪
Happy Halloween! 🎃
November 1, 2025 at 1:22 AM
Happy Halloween! 🎃
October 31, 2025 at 9:13 PM
"Malicious packages in npm evade dependency detection through invisible URL links: Report" Article by Howard Solomon, with quotes from me.
https://twp.ai/9PWswt
https://twp.ai/9PWswt
October 31, 2025 at 2:50 AM
"Malicious packages in npm evade dependency detection through invisible URL links: Report" Article by Howard Solomon, with quotes from me.
https://twp.ai/9PWswt
https://twp.ai/9PWswt
Is there an #AppSec or #DevSecOps trend right now that you think is overhyped? Which one and whyyyyyy? Tell me your feels #talkappsectome
October 30, 2025 at 11:41 PM
Is there an #AppSec or #DevSecOps trend right now that you think is overhyped? Which one and whyyyyyy? Tell me your feels #talkappsectome