Upload File

tanya janca - reboot communications€¦ · @shehackspurple the plan: 1. support dev and sec team...

  • Home
  • Documents
  • Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done
60
Tanya Janca Security Trainer and Coach at SheHacksPurple.dev @SheHacksPurple

Upload: others

Post on 22-Sep-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

Tanya JancaSecurity Trainer and Coach at SheHacksPurple.dev

@SheHacksPurple

Page 2: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 3: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done
Page 4: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

The mandatory “about me” slide.

I’m Tanya Janca.AKA: @SheHacksPurple

WoSEC

Security Trainer atSheHacksPurple.dev

Page 5: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Let’s do this!

Page 6: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 7: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 8: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 9: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 10: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@SheHacksPurple

Page 11: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@SheHacksPurple

Page 12: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@SheHacksPurple

Page 13: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@SheHacksPurple

Page 14: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 15: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 16: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 17: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 18: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 19: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 20: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 21: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 22: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@SheHacksPurple

Page 23: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 24: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 25: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Start Security Earlier!

Requirements Design Code Testing Release

Push Left!

Page 26: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Break security activities

into smaller pieces

@SheHacksPurple

Page 27: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 28: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 29: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

1

Page 30: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

1

@SheHacksPurple

Page 31: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

1

Photo: DevOpsDays Zurich, May 2018, with Nicole Becher of OWASP DevSlop

Page 32: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

2

Page 33: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

(Off Colour) Job Shadowing

Page 34: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@SheHacksPurple

Page 35: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@SheHacksPurple

Page 36: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

1

Page 37: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

1

Page 38: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

2

Page 39: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 40: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

OWASP: Your new BFF!!!

The Open Web Application Security Project

Page 41: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 42: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

2

@SheHacksPurple

Page 43: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

2

Page 44: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

2

@SheHacksPurple

Page 45: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

A message for

conferences

No more “we’re screwed” keynotes.

Page 46: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

2

@SheHacksPurple

Lead By Example

Page 47: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

<the plan>

Page 48: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 49: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 50: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 51: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 52: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 53: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

The Plan:

1. Support dev and sec team with processes,

training, and resources so they can

confidently get the job done.

2. Initiate and then maintain culture change.

Page 54: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Page 55: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

</plan>

Page 56: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

Open Web Application Security Project

@SheHacksPurple

#OWASPlovehttps://owasp.org

meetup.com/OWASP-Victoria-Chapter/

Page 57: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple@WoSECtweets

Canada, France, USA, India,

Switzerland, Kenya, South

Africa, Sweden, Spain

Paris, Ottawa, San Francisco,

Singapore, Dallas, Houston, Austin,

Vancouver, Portland, Ottawa,

Chicago, Bangalore, Boise,

Montréal, Zurich, Nairobi,

Johannesburg, Stockholm , Victoria,

Milwaukee, Detroit, Denver,

Barcelona, Madrid

Page 58: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

#MentoringMonday

EVERY MONDAY

Page 59: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

SheHacksPurple.dev

Twitter: @SheHacksPurple

https://medium.com/@SheHacksPurple

https://dev.to/SheHacksPurple

https://YouTube.com/SheHacksPurple

https://medium.com/@SheHacksPurple
https://dev.to/SheHacksPurple
https://youtube.com/SheHacksPurple
Page 60: Tanya Janca - Reboot Communications€¦ · @SheHacksPurple The Plan: 1. Support dev and sec team with processes, training, and resources so they can confidently get the job done

@SheHacksPurple

Thank You

Security Training and Coaching

SheHacksPurple.dev

Tanya [email protected]

@SheHacksPurple

http://bit.ly/whycantwebuild


A J Janca- So you want to stop time

To Reboot or Not to Reboot? Analyzing the Performance of ... · To Reboot or Not to Reboot? Analyzing the Performance of ... characters which fans want to watch more stories ... Iron

Reboot - Part 3 - Reboot Your Fitness - 01-22-17

Ricardo Inzunza, Brandon Janca, Ryan Worden December 3, 2014 … · 2014. 12. 6. · 13 Janca. Manual versus Sequential Manual: Reverse gear capable Simple design Sequential: Efficient

Pushing Left, Like a Boss - By Tanya Janca

Smlxl Reboot

Sdda reboot

Supply Reboot

ReBoot Magazine

Confidently - Bank Muamalat

Operationalizing Clojure Confidently

[Conference] Building Websites that Matter - Agent Reboot Boston, Agent Reboot DC, Agent Reboot Austin

Agile revolution reboot

Union.edu "Reboot" Update

Enterprise reboot

Nêmesis Reboot

Reboot 2020

Marketing reboot

3b-{Kz} CINSKA Janca CZ Alternativni Medicina

Reboot part 2 - reboot your family - 01-15-17-1

reboot remake

Brokerage Reboot

Reboot Luxe

Region Janca

INSPECCIÓN DE EMERGENCIA A LA QUEBRADA JANCA … · Inspección de emergencia a La Quebrada Janca Pampa 1. Introducción A consecuencia del incremento de la temperatura en nuestro

Reboot - Part 4 - Reboot Your Finances - 01-29-17

Reboot Online

Nick Reboot

Career Reboot

Reboot part 2 - reboot your family - 01-15-17-

Irène Cohen-Janca · Maurizio A.C.Quarello L’ultimo viaggio L’ultimo viaggio Irène Cohen-Janca · Maurizio A.C.Quarello Irène Cohen-Janca · Maurizio A.C.Quarello Janusz Korczak

Handling Objections Confidently

Message Series - REBOOT - Part 1 - Reboot Your Faith - 01-08-17

Your Reboot Lite What’s a Reboot? 10-Day Plan

Reboot Leadership