Secure Coding Trainer, Best-selling author of Alice and Bob Learn Secure Coding & Alice and Bob Learn Application Security. #AppSec she/her 🌻

Joined June 2017
📢 Announcing DevSec Station, my new podcast! 💜 If you write code, this is for you. Short, practical #AppSec lessons. No scare tactics. Very little homework. 😉 twp.ai/kuwhZt twp.ai/gEHSNp
Tanya Janca | Shehackspurple retweeted
Announcement: I'm the keynote for Sikkerhetsfestivalen (Security Festival) 2026, in Lillehammer, Norway! August 24 - 26, 2,000 of us will take over that tiny town to learn, party, and connect! Check out the link below to learn more. :-D twp.ai/Ilpxld
Supply chain attacks have entered their “new tricks, same awfulness” era. If your security defenses are stuck a few years back, this mini-lesson is for you. Episode 3 is LIVE! Watch: twp.ai/bWVB8L Listen: twp.ai/NSVRY9
Join myself and Gavin Klondike on July 2nd, 9 am PT, for Chapter 4 of Alice and Bob Learn Secure Coding! We will cover: • secure design • dependency and supply chain security • trusted vs untrusted systems • secure defaults • allowlists vs blocklists twp.ai/Ilrpik
Is AI making things more or less secure overall? What do you think the future holds? #AppSecThursday #talkAppSectome
Tanya Janca | Shehackspurple retweeted
I was on the RedMonk podcast with host Kate Holterhoff: AI Slop, Vibe Coding, & the Future of AppSec. What an amazing conversation! Watch here, or listen on any podcast platform: twp.ai/IlqRss
I’m excited for the next book stream 😊 For Chapter 5 of *Alice and Bob Learn Secure Coding*, I’ll be joined by Katie Paxton-Fear to cover technology-specific security practices and what secure coding looks like across different architectures and platforms. RSVP: twp.ai/Ilqypi 1/2
Topics: • API security • mobile app security • WebSocket security • serverless security • IoT security Katie is brilliant, practical, funny, and incredibly good at explaining complicated security topics! Come ask questions and learn with us 💜 2/2
I was on Smashing Security, episode 470: This AI security flaw might be impossible to fix! With the charming, hilarious, and brilliant Graham Cluley! Listen on any podcast platform, or grab it at the link below: twp.ai/Ils2PG
Yesterday I had the pleasure of hosting a book stream with Scott Helme, and it was GREAT. We talked about encryption, security headers, lessons learned from running Report URI, and plenty of practical advice for developers and security professionals alike. twp.ai/IlrpeD 1/2
If you're interested in application security, web security, security engineering, or just enjoy hearing smart people talk about building safer systems, I think you'll enjoy this one. twp.ai/NSX4qH 2/2
Vienna, I’m coming. I’m teaching a 1-day training at OWASP Global AppSec EU (Jun 22–26) on API Security. Hands on, practical, and very “you can use this at work on Monday.” If you have ever shipped an API and thought “I hope this is fine,” this class is for you! 😄 Registration here: twp.ai/bWVoqF More information on my session here: twp.ai/S9BKS7 #OWASP #OWASPGLOBALAPPSECEU
Tanya Janca | Shehackspurple retweeted
The sneakiest supply chain attacks are not loud. They are boring-looking, easy to miss, and often invisible at first. Which is honestly what makes them so effective. Watch the full episode at DevSec Station to learn more. twp.ai/Ilpu8Z
I'm "chick sitting". Hopefully this is a nice timeline cleanse for you.
Tanya Janca | Shehackspurple retweeted
It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect
Tanya Janca | Shehackspurple retweeted
Supply chain attacks are not just “someone hacked a package” anymore. The game keeps changing, and if we still think about this the old way, we’re already behind. Watch the full episode at DevSec Station for the breakdown. twp.ai/IlpuAP
What’s your “security hill to die on” (The practice or principle). What is it and why is it worth it? #AppSecThursday #talkAppSectome
Tanya Janca | Shehackspurple retweeted
Join myself and Gavin Klondike on July 2nd, 9 am PT, for Chapter 4 of Alice and Bob Learn Secure Coding! We will cover: • secure design • dependency and supply chain security • trusted vs untrusted systems • secure defaults • allowlists vs blocklists twp.ai/IlqB73
Tanya Janca | Shehackspurple retweeted
I was on a webinar with Illumio and Raghu and I GOT INTO IT! Lots of hot takes. "You've Built a Security Stack. Have You Built a False Sense of Security?" Watch here: twp.ai/IlqRsX