Day Two Cloud 143: Application Security Isn’t Just For Developers

Today’s Day Two Cloud gets into security. In particular, we discuss application security and working with developers to make sure code is sanitized and tested. Writing secure code at the outset can dramatically reduce risk and help simplify operations and security. Our guest is Tanya Janca, founder of We Hack Purple. We Hack Purple has online training to help developers integrate security practices into their coding. We Hack Purple is joining Bright Security, which will enable We Hack Purple courses to be available for free. In addition to application security, we also discuss major security issues including phishing, ransomware, and the recent Log4J vulnerability that forced businesses to scramble to protect themselves. We discuss what the DevSecOps movement means. Tanya also offers advice on how folks can get into security as a career, whether with an IT background or from an entirely different field. Sponsor: StrongDM StrongDM is secure infrastructure access for the modern stack. StrongDM proxies connections between your infrastructure and Sysadmins, giving your IT team auditable, policy-driven, IaC-configurable access to whatever they need, wherever they are. Find out more at StrongDM.com/packetpushers. Sponsor: ITProTV Start or grow your IT career with online training from ITProTV. From CompTIA to Cisco and Microsoft, ITProTV offers more than 5,800 hours of on-demand training. Courses are listed by category, certification, and job role. Day Two Cloud listeners can sign up and save 30% off all plans. Go to itpro.tv/daytwocloud and use promo code CLOUD to save 30%. Show Links: We Hack Purple We Hack Purple Community Alice and Bob Learn Application Security – Google Books @wehackpurple – We Hack Purple on Twitter @shehackspurple – Tanya Janca on Twitter Jobs in Information Security (InfoSec) – She Hacks Purple blog SheHacksPurple – Twitch SheHacksPurple – YouTube OWASP Community Cyber Security Career Guide (Book) – Alyssa Miller #CyberMentoringMonday – Twitter Day Two Cloud 055: Securing Cloud Infrastructure And Applications – DayTwoCloud.io Transcript: [00:00:00.850] – Ethan Sponsor StrongDM is secure infrastructure access for the modern stack. Strongdm proxies connections between your infrastructure and Sysadmins, giving your It team auditable, policy driven IEC configurable access to whatever they need wherever they are.