165: Tanya

In this episode of Darknet Diaries, Jack interviews Tanya Janca, a cybersecurity expert, about her experiences in application security. Tanya recounts her early days learning about SQL injection and penetration testing, including an incident where she accidentally crashed a production server. She shares stories from her career, such as discovering a data breach caused by a blind SQL injection and resolving a network outage caused by employees streaming the Olympics. Tanya also discusses the importance of training help desk staff to recognize and properly handle security incidents, highlighting a case where a technician inadvertently destroyed evidence of child exploitation. Finally, she describes her efforts to promote application security and foster collaboration between security teams and developers, including forming a women's CTF team and advocating for a more supportive approach to AppSec.

Outlines

Part 1: Introduction and Early Security Experiences

Part 2: Incident Response and Security Challenges

Part 3: Promoting Application Security

Part 4: Conclusion

Sign in to continue reading, translating and more.

Continue

Darknet Diaries

Part 1: Introduction and Early Security Experiences

The Importance of Accessible Security Policies and Introduction to Tanya Janca

Tanya Janca's Introduction to Hacking and Early Exploits

Part 2: Incident Response and Security Challenges

Transition to Security Team and Discovery of a Data Breach

Investigating the Data Breach and Discovering Blind SQL Injection

Incident Response and the Case of the Malware-Infected Building

Training the Help Desk and the Importance of Chain of Custody

Part 3: Promoting Application Security

Forming a Women's CTF Team and Promoting Application Security

Part 4: Conclusion

Conclusion and Final Remarks

165: Tanya

Darknet Diaries

Part 1: Introduction and Early Security Experiences

00:00The Importance of Accessible Security Policies and Introduction to Tanya Janca

The Importance of Accessible Security Policies and Introduction to Tanya Janca

07:08Tanya Janca's Introduction to Hacking and Early Exploits

Tanya Janca's Introduction to Hacking and Early Exploits

Part 2: Incident Response and Security Challenges

12:22Transition to Security Team and Discovery of a Data Breach

Transition to Security Team and Discovery of a Data Breach

17:08Investigating the Data Breach and Discovering Blind SQL Injection

Investigating the Data Breach and Discovering Blind SQL Injection

25:17Incident Response and the Case of the Malware-Infected Building

Incident Response and the Case of the Malware-Infected Building

35:20Training the Help Desk and the Importance of Chain of Custody

Training the Help Desk and the Importance of Chain of Custody

Part 3: Promoting Application Security

40:41Forming a Women's CTF Team and Promoting Application Security

Forming a Women's CTF Team and Promoting Application Security

Part 4: Conclusion

50:26Conclusion and Final Remarks

Conclusion and Final Remarks