Notices by Tanya Janca | SheHacksPurple :verified: :verified: (shehackspurple@infosec.exchange)

Most security training fails because it teaches rules, not behavior. I’ve put together a new training brochure that explains how I focus on habit-building, developer trust, and real-world secure coding.

If that sounds good...
👉 https://twp.ai/4ivgOB
1/2

Android's new feature "adjust how bright you want your flashlight to be, every time, instead of just on/off": NO THANK YOU. I don't want to press extra buttons for no reason thanks.

It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect

Hi! If you are Canadian, I NEED YOUR HELP. Please call your member of parliament and ask them to vote YES on petition e-7115. Watch the video to learn more!

https://twp.ai/SAHSPR

Petition: https://twp.ai/Imwy1J

The real risk is not using AI. It’s quietly handing over our judgment without realizing it.

Understanding this shift is the first step toward building safer software in an AI-assisted world.
3/3

In this video, Tanya Janca explains “vibe coding” — the very human tendency to accept AI-generated code because it looks correct, compiles cleanly, and helps us move faster. Developers aren’t careless. We’re responding exactly how humans respond to confident tools and tight deadlines.
2/3

The Psychology of Bad Code: What Is Vibe Coding? And Why Developers Do It.
https://twp.ai/E6Gtul

AI coding assistants are changing how we build software, but they’re also changing how we make decisions.
1/3

My CSS might look a bit like this...

OHHHHHHHHHH

It's difficult for me to express in words just how frustrating it is when Microsoft, Google, AND Apple try (constantly) to force me to save online (onto THEIR cloud) instead of locally, removing my options. I literally HATE it. Stop taking away my choices.

Like if you agree.

Digging up my dahlias for the winter. #infosecgardening

🌿 Thrilled to share that our live security training is now carbon neutral! Experience top-notch learning in secure coding with a minimal environmental impact. Explore our carbon-neutral training offering and join us on the path to a greener future: https://twp.ai/4ij4Xf

I'm speaking at #OWASP #GlobalAppSec in Washington DC, November 6! My talk -> Threat Modeling Developer Behaviour: The Psychology of Bad Code. What if many AppSec issues aren’t technical flaws, but predictable human behaviour? Find out with me!

https://twp.ai/4irmsP

On a train to Montreal for #gosec 2025!

Day 6 of recording Alice and Bob Learn Secure Coding!

I published a new introductory level blog post: What is Threat Modeling? Read it here: https://twp.ai/4iqmq5

Also, I added a beautiful flower, because who doesn't need a timeline cleanse? #infosecgardening

Android just completely changed the phone app interface. Can I opt out of DevOps? Please stop constantly moving everything in every app. I see this everywhere. As a user it's unbelievable frustrating to not be able to find what I need... It's not just android, it's everywhere. 🤬

After an amazing 2-year journey at @semgrep , it’s time for my next adventure.

I’m excited to share I’ll now be working for myself full-time, offering live secure coding and application security training to help teams write safer software.

Entrepreneurs gotta entrepreneur. 🚀
1/2

Only the truth

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“DevSecOps: More Than Just Pipelines”
📽️ https://twp.ai/4ioDxP

#CyberSecurity #SecurityAwareness #appsec