Software Engineering Institute

Most talk around DevSecOps is about putting more and more into your pipeline, whether it is realistic, safe, logical, or not. This talk will detail when not to put something in your pipeline and several strategies for automated security that do not require slowing down your builds.

This keynote presentation by Tanya Janca of We Hack Purple was given virtually at DevSecOps Days Los Angeles 2021 on September 15, 2021. Tanya Janca, also known as SheHacksPurple, is the best-selling author of 'Alice and Bob Learn Application Security.'; She is also the founder of We Hack Purple, an online learning academy, community, and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won countless awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats: startup founder, Pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer, and has delivered hundreds of talks and trainings on six continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives.

Advisor: Nord VPN, Cloud Defense, NeuraLegion, ICTC PAC, WoSEC

Founder: We Hack Purple, WoSEC International (Women of Security), OWASP DevSlop, #CyberMentoringMonday

View a graphic recording of the presentation or watch the video on YouTube.