Tanya Janca | SheHacksPurple
@shehackspurple.bsky.social
Secure Code Trainer - Best-selling author of Alice and Bob Learn Secure Coding & Alice and Bob Learn Application Security. #AppSec she/her
https://shehackspurple.ca 🌻
https://shehackspurple.ca 🌻
Guess who overdid it a bit at the gym and has a sore shoulder today? 😊 But guess who's also not giving up? Anyone need a bit of motivation today? In case you forgot: YOU CAN DO IT!
#wehackhealth
#wehackhealth
November 26, 2025 at 12:44 AM
Guess who overdid it a bit at the gym and has a sore shoulder today? 😊 But guess who's also not giving up? Anyone need a bit of motivation today? In case you forgot: YOU CAN DO IT!
#wehackhealth
#wehackhealth
Important question for software developers: what do you wish you knew more about in regard to creating more secure software? If you could suddenly know something, like Neo in the matrix, what would it be?
I will see if I can help.
I will see if I can help.
November 25, 2025 at 11:55 PM
Important question for software developers: what do you wish you knew more about in regard to creating more secure software? If you could suddenly know something, like Neo in the matrix, what would it be?
I will see if I can help.
I will see if I can help.
Software Supply Chain: Bigger (and Scarier) Than We Realize - a blog post by meeeeeee!
When we talk about the software supply chain security, most people think only of dependencies (open-source libraries and frameworks).
https://twp.ai/9PY9lB
#appsec #supplychain
1/2
When we talk about the software supply chain security, most people think only of dependencies (open-source libraries and frameworks).
https://twp.ai/9PY9lB
#appsec #supplychain
1/2
November 25, 2025 at 6:43 PM
Software Supply Chain: Bigger (and Scarier) Than We Realize - a blog post by meeeeeee!
When we talk about the software supply chain security, most people think only of dependencies (open-source libraries and frameworks).
https://twp.ai/9PY9lB
#appsec #supplychain
1/2
When we talk about the software supply chain security, most people think only of dependencies (open-source libraries and frameworks).
https://twp.ai/9PY9lB
#appsec #supplychain
1/2
If all the tools in your cyber security tool set formed a band, what would they be called? And what type of music would they play? Mine would be called Bleeding Endpoint, and they would play alt metal.
🤘
🤘
November 25, 2025 at 4:44 PM
If all the tools in your cyber security tool set formed a band, what would they be called? And what type of music would they play? Mine would be called Bleeding Endpoint, and they would play alt metal.
🤘
🤘
We, as an industry, need to start giving very specific and clear advice, if we want to have better outcomes. No more high level, vague, and ambiguous advice please. #SpecificSecurity #BeSpecific
https://twp.ai/ImshpN
1/2
https://twp.ai/ImshpN
1/2
November 24, 2025 at 4:21 PM
We, as an industry, need to start giving very specific and clear advice, if we want to have better outcomes. No more high level, vague, and ambiguous advice please. #SpecificSecurity #BeSpecific
https://twp.ai/ImshpN
1/2
https://twp.ai/ImshpN
1/2
It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect!
November 24, 2025 at 3:00 PM
It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect!
November 23, 2025 at 8:42 PM
How To Get Your First Job In #Cybersecurity: a blog post of all the steps you need to transition into #InfoSec!
https://twp.ai/9PYTFH
https://twp.ai/9PYTFH
November 22, 2025 at 11:39 PM
How To Get Your First Job In #Cybersecurity: a blog post of all the steps you need to transition into #InfoSec!
https://twp.ai/9PYTFH
https://twp.ai/9PYTFH
Reposted by Tanya Janca | SheHacksPurple
I post on #CyberMentoringMonday when I remember to, and I’m happy to help out students as well! I’m not a CISO or founder or anything exciting and glamorous, but I’ve got a decade of experience building software and another 6 years securing it.
April 14, 2025 at 12:32 AM
I post on #CyberMentoringMonday when I remember to, and I’m happy to help out students as well! I’m not a CISO or founder or anything exciting and glamorous, but I’ve got a decade of experience building software and another 6 years securing it.
Insecure code? Need some training? Call me! Funny memes included!
https://twp.ai/9PX67U
https://twp.ai/9PX67U
November 22, 2025 at 3:57 AM
Insecure code? Need some training? Call me! Funny memes included!
https://twp.ai/9PX67U
https://twp.ai/9PX67U
It happens to us all
November 21, 2025 at 11:22 PM
It happens to us all
It is Friday. PLEASE tell me your best cyber puns. 🙏
I shall start:
Where did the hacker go?
She ransomware.
Womp womp! Send me your groaners!
I shall start:
Where did the hacker go?
She ransomware.
Womp womp! Send me your groaners!
November 21, 2025 at 7:28 PM
It is Friday. PLEASE tell me your best cyber puns. 🙏
I shall start:
Where did the hacker go?
She ransomware.
Womp womp! Send me your groaners!
I shall start:
Where did the hacker go?
She ransomware.
Womp womp! Send me your groaners!
Random Tanya Thoughts on Video: securing vibe coded apps built by non-software engineers. How do we handle that?????
https://twp.ai/9PYWuo
https://twp.ai/9PYWuo
November 21, 2025 at 7:00 PM
Random Tanya Thoughts on Video: securing vibe coded apps built by non-software engineers. How do we handle that?????
https://twp.ai/9PYWuo
https://twp.ai/9PYWuo
OWASP Vancouver is kicking off with Greg Sienkiewicz speaking about #devsecops and pizza!!!!
November 21, 2025 at 2:12 AM
OWASP Vancouver is kicking off with Greg Sienkiewicz speaking about #devsecops and pizza!!!!
When should security not block a release? Or should it never block? What is worthy of a block? Or, should we have fixed things before the CI? What are your thoughts? #talkappsectome
November 20, 2025 at 10:30 PM
When should security not block a release? Or should it never block? What is worthy of a block? Or, should we have fixed things before the CI? What are your thoughts? #talkappsectome
FOLKS! The audiobook of Alice and Bob Learn Secure Coding is OUT on @audible now! If you buy it and like it, please rate it for me? I'm so pleased it's finally available.
https://twp.ai/9PYWwR
https://twp.ai/9PYWwR
November 20, 2025 at 4:34 PM
FOLKS! The audiobook of Alice and Bob Learn Secure Coding is OUT on @audible now! If you buy it and like it, please rate it for me? I'm so pleased it's finally available.
https://twp.ai/9PYWwR
https://twp.ai/9PYWwR
"Malicious packages in npm evade dependency detection through invisible URL links: Report" Article by Howard Solomon, with quotes from me.
https://twp.ai/9PY4ZG
https://twp.ai/9PY4ZG
November 19, 2025 at 7:22 PM
"Malicious packages in npm evade dependency detection through invisible URL links: Report" Article by Howard Solomon, with quotes from me.
https://twp.ai/9PY4ZG
https://twp.ai/9PY4ZG
I was on Darknet Diaries Ep. 165! Learn about dumb buildings with malware, how going to the dentist can get you in hot water, and that sharing breach information can you get buy in with software developers.
YouTube: https://twp.ai/9PYFFl
Or any podcast platform
YouTube: https://twp.ai/9PYFFl
Or any podcast platform
November 18, 2025 at 11:52 PM
I was on Darknet Diaries Ep. 165! Learn about dumb buildings with malware, how going to the dentist can get you in hot water, and that sharing breach information can you get buy in with software developers.
YouTube: https://twp.ai/9PYFFl
Or any podcast platform
YouTube: https://twp.ai/9PYFFl
Or any podcast platform
How do we get people who are now releasing software, who previously did not because they don't have the skill, to care about Security? People who aren't software engineers. How do we reach them? How do we secure them? I need your advice. #appsec #ai
youtu.be/Zj1uwsmWuAw?...
youtu.be/Zj1uwsmWuAw?...
SheHacksPurple: securing vibe coded apps built by non-software engineers
YouTube video by SheHacksPurple
youtu.be
November 18, 2025 at 3:15 AM
How do we get people who are now releasing software, who previously did not because they don't have the skill, to care about Security? People who aren't software engineers. How do we reach them? How do we secure them? I need your advice. #appsec #ai
youtu.be/Zj1uwsmWuAw?...
youtu.be/Zj1uwsmWuAw?...
I hosted a webinar -> Metrics, Models, and Mindsets: A Conversation About the Future of AppSec, with my friends Spyros from Smithy and Aram! Blog post and video at the link.
https://twp.ai/9PYJUk
https://twp.ai/9PYJUk
November 18, 2025 at 3:06 AM
I hosted a webinar -> Metrics, Models, and Mindsets: A Conversation About the Future of AppSec, with my friends Spyros from Smithy and Aram! Blog post and video at the link.
https://twp.ai/9PYJUk
https://twp.ai/9PYJUk
It's difficult for me to express in words just how frustrating it is when Microsoft, Google, AND Apple try (constantly) to force me to save online (onto THEIR cloud) instead of locally, removing my options. I literally HATE it. Stop taking away my choices.
Like if you agree.
Like if you agree.
November 18, 2025 at 2:07 AM
It's difficult for me to express in words just how frustrating it is when Microsoft, Google, AND Apple try (constantly) to force me to save online (onto THEIR cloud) instead of locally, removing my options. I literally HATE it. Stop taking away my choices.
Like if you agree.
Like if you agree.
It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect!
November 17, 2025 at 3:00 PM
It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect!
I wrote a blog and made a video about the Vibe Check panel I was on at #SectorCA in Toronto. It talks about vibe coding, helping AIs create more secure code, and how to find shadow AI in your code!
https://twp.ai/9PWWng
https://twp.ai/9PWWng
November 17, 2025 at 3:30 AM
I wrote a blog and made a video about the Vibe Check panel I was on at #SectorCA in Toronto. It talks about vibe coding, helping AIs create more secure code, and how to find shadow AI in your code!
https://twp.ai/9PWWng
https://twp.ai/9PWWng
Android just suggested that I delete my memes to save space.
Me: 😱😡🥺😥😵🤮
Me: 😱😡🥺😥😵🤮
November 16, 2025 at 9:08 PM
Android just suggested that I delete my memes to save space.
Me: 😱😡🥺😥😵🤮
Me: 😱😡🥺😥😵🤮
I was quoted in the following article by Howard Solomon:
Self-propagating worm found in marketplaces for Visual Studio Code extensions. WOW supply chain attacks are becoming truly terrifying!
https://twp.ai/9PWdEc
Self-propagating worm found in marketplaces for Visual Studio Code extensions. WOW supply chain attacks are becoming truly terrifying!
https://twp.ai/9PWdEc
November 15, 2025 at 10:31 PM
I was quoted in the following article by Howard Solomon:
Self-propagating worm found in marketplaces for Visual Studio Code extensions. WOW supply chain attacks are becoming truly terrifying!
https://twp.ai/9PWdEc
Self-propagating worm found in marketplaces for Visual Studio Code extensions. WOW supply chain attacks are becoming truly terrifying!
https://twp.ai/9PWdEc