Show Notes
In this episode, Host Ron Eddings catches up with longtime friend, Tanya Janca, Head of Education and Community at SemGrep and author of 'Alice and Bob Learn Application Security.' Tanya shares her experiences from working in the Canadian government to joining Microsoft and eventually founding WeHackPurple. Tanya talks about her new role at SemGrep, where she focuses on making application security education accessible, and the importance of building supportive communities in the tech industry.
Impactful Moments:
00:00 - Welcome
01:20 - Introducing guest, Tanya Janca
03:09 - “IDK How to Make SemGrep Rules…”
0707 - Finding Shadow IT & Embezzlers
11:27 - Join Our Mastermind
12:09 - Becoming an AppSec Professional
15:22 - Elections CISO
18:00 - Speaking at Conferences
21:15 - Microsoft Calls Me One Day…
23:21 - Parting Ways; But Still Friends
24:30 - “Can You Train Our Devs?”
27:50 - Fairness Is Important
32:27 - Put Yourself Out There!
Links:
Connect with our guest, Tanya Janca: https://www.linkedin.com/in/tanya-janca/
Check out SemGrep Academy: https://academy.semgrep.dev/
We Hack Purple Podcast: https://wehackpurple.buzzsprout.com/
Check out our upcoming events: https://www.hackervalley.com/livestreams
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Check out our upcoming events: hackervalley.com/livestreams
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Recent Episodes
When Cybercrime Learned How to Make Money and Never Looked Back ...
Cybersecurity didn’t start as a billion-dollar crime machine. It started as pranks, ego, and curiosity. That origin story explains almost everything that’s breaking today. Ron sits down with ...
Defending Dignity in the Messiest Data on Earth with George ...
The most dangerous attack surface isn’t your infrastructure, it’s desire under pressure. When people are emotional, impulsive, and hoping for connection, security controls don’t fail… judgment ...
When Automation Outruns Control with Joshua Bregler
AI doesn’t break security, it exposes where it was already fragile. When automation starts making decisions faster than humans can audit, AppSec becomes the only thing standing between scale and ...
The Day AI Stopped Asking for Permission with Marcus J. Carey
AI didn’t quietly evolve, it crossed the line from recommendation to execution. Once agents stopped advising humans and started acting inside real systems, trust replaced experimentation and ...
When AI Ships the Code, Who Owns the Risk with Varun Badhwar and ...
AI isn’t quietly changing software development… it’s rewriting the rules while most security programs are still playing defense. When agents write code at machine speed, the real risk isn’t ...
Think Like a Hacker Before the Hack Happens with John Hammond
What if the most dangerous hackers are the ones who never touch a keyboard? The real threat isn't just about stolen credentials or ransomware; it's about understanding how attackers think before ...
Breaking Into Banks and Bypassing Modern Security with Greg ...
Three banks in four days isn't just a bragging right for penetration testers. It's a wake-up call showing that expensive security tools and alarm systems often fail when tested by skilled ...
Defending Your Cyber Systems and Your Mental Attack Surface with ...
When your firewall forgets to buckle up, the crash doesn’t happen in the network first, it happens in your blindspots. In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder ...
Thriving Beyond Human Labor with Context-Powered AI with Daniel ...
The real disruption isn’t AI replacing humans, it’s the shocking possibility that human labor was the economic bubble all along. In this episode, Ron Eddings sits down with Daniel Miessler, ...
Building EDR for AI: Controlling Autonomous Agents Before They Go ...
AI agents aren't just reacting anymore, they're thinking, learning, and sometimes deleting your entire production database without asking. The real question isn't if your AI agent will be ...
WORK WITH US
PODCASTS + SPEAKING + EVENTS
Are you the best kept secret in cybersecurity? Let's change that by partnering together for podcast ads, social campaigns, and your next event or keynote. Send us your details to get started.
Thank you!
We will be in touch soon and reach out to you at