Tanya Janca | SheHacksPurple (@shehackspurple)

O'reilly book cover, "Yolo commit edition"

"Yolo is not a security strategy!"

06.03.2026 21:57 👍 11 🔁 3 💬 0 📌 0

Canada is one step closer to mandatory secure coding in government software.

Petition e-7115 is live!

If you can sign, please do it today:
👉 https://twp.ai/9PaqLN

This is how we make real change. 🙏

06.03.2026 03:38 👍 3 🔁 0 💬 0 📌 1

Question for people whose title is "security researcher": besides bug bounty submissions, how do you make money? What other options are there for monitizing security research? Honest question.

06.03.2026 00:57 👍 1 🔁 2 💬 2 📌 0

Important question for software developers: what do you wish you knew more about in regard to creating more secure software? If you could suddenly know something, like Neo in the matrix, what would it be?

I will see if I can help.

05.03.2026 22:19 👍 3 🔁 2 💬 1 📌 0

Tanya Janca on stage

Thank you to everyone who came to my keynote at #vipss today! 🥳

05.03.2026 22:18 👍 1 🔁 0 💬 0 📌 0

This is such an original idea. I can't wait. Thanks!

05.03.2026 22:03 👍 0 🔁 0 💬 0 📌 0

Come see my keynote, 'Insecure Vibes' at 12:00 at Victoria International Privacy and Security Summit today! #vipss

05.03.2026 19:00 👍 2 🔁 0 💬 0 📌 0

Come see my keynote, 'Insecure Vibes' at 12:00 at Victoria International Privacy and Security Summit today! #vipss

05.03.2026 19:00 👍 0 🔁 0 💬 0 📌 0

I made my picks. We don't get to WATCH the event? I was hoping to watch...

05.03.2026 16:18 👍 0 🔁 0 💬 1 📌 0

Brad Edwards

Brad Edwards is kicking off his AI-related keynote at #VIPSS in Victoria BC.

04.03.2026 19:50 👍 2 🔁 0 💬 0 📌 0

Every signature matters. 🙏
2/2

04.03.2026 00:50 👍 3 🔁 1 💬 0 📌 0

I’ve been working toward this for years, and it finally happened.

Canada now has a parliamentary petition to require secure coding in federal software. If you care about cybersecurity, public safety, and better government tech, please sign:
👉 https://twp.ai/9Pbk5I
1/2

04.03.2026 00:49 👍 10 🔁 2 💬 2 📌 0

Brochure only: https://twp.ai/Imurr5
2/2

03.03.2026 19:25 👍 0 🔁 0 💬 0 📌 0

Most security training fails because it teaches rules, not behavior. I’ve put together a new training brochure that explains how I focus on habit-building, developer trust, and real-world secure coding.

If that sounds good...
👉 https://twp.ai/9PaNSx
1/2

03.03.2026 19:25 👍 2 🔁 0 💬 2 📌 0

So weird!!!!

Perhaps you have a big submission for the bluesky folks.

03.03.2026 06:51 👍 0 🔁 0 💬 1 📌 0

though.fun?

so tempting to click random links... damnit...

03.03.2026 05:32 👍 0 🔁 0 💬 1 📌 0

What I want to see is:
Trust changing events
Pipeline and artifact integrity signals
Anomalous publishing behaviour
When WEIRD stuff happens

Not "developer surveillance"

03.03.2026 05:31 👍 2 🔁 0 💬 0 📌 0

Like internal developer productivity tools (engineering intelligence) platforms, ++

And I mean, for security purposes, not creepy time tracking or something.

Thoughts?
2/2

03.03.2026 05:10 👍 3 🔁 0 💬 2 📌 0

Is there a tool on the market that monitors DEVELOPER telemetry? What THEY are doing, not the apps? For instance, which packages they download, extensions they install, code they copy and paste, AI assistants they use, communication methods, etc?
1/2

03.03.2026 05:10 👍 3 🔁 0 💬 1 📌 0

I miss him already.

03.03.2026 04:06 👍 2 🔁 0 💬 0 📌 0

If you’ve been trying to make supply chain security feel more practical and more human, this one’s for you.

Hope to see you there!

Tickets here: https://twp.ai/9Pbev9
2/2

03.03.2026 03:33 👍 1 🔁 0 💬 0 📌 0

I’m so excited to be keynoting and hosting a workshop at SnowFroc ’26 in Denver, April 16–17!

My keynote is: “Threat Modeling Developer Behavior: The Psychology of Bad Code”

My workshop: Supply Chain Isn't Just Dependencies Anymore: Defending Developers, Tooling, and Builds
1/2

03.03.2026 03:33 👍 3 🔁 0 💬 1 📌 0

Agreed

03.03.2026 03:26 👍 0 🔁 0 💬 0 📌 0

Brochure only: https://twp.ai/NTYlGX

Feedback welcome. Always.
2/2

02.03.2026 23:07 👍 5 🔁 1 💬 0 📌 0

I finally put all my secure-coding training into one place 👀
New brochure is up, with what I actually teach, who it’s for, and what teams get out of it.

If you’re curious (or responsible for training devs):
👉 https://twp.ai/9PZ1gL
1/2

02.03.2026 23:07 👍 6 🔁 2 💬 1 📌 0

tcpdump101.com - Build Packet Captures Online Build PCaps for: tcpdump, Fortigate, Check Point 'fw monitor' and Cisco ASA.

Almost 40 years in Net/Sec/Eng and always willing to give back. #Networking, #Firewalls, #Hacking, #Linux, #Security, #Architecture and more. Don't want to connect yet? No biggie. Have yourself some tcpdump101.com to get started on building PCaps on a variety of platforms. 💚

#CyberMentoringMonday

02.03.2026 17:07 👍 7 🔁 3 💬 0 📌 0

Looking to learn or inspire? Make sure you're following @shehackspurple.bsky.social and show some love.

02.03.2026 17:08 👍 3 🔁 1 💬 0 📌 0

It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect

02.03.2026 17:01 👍 4 🔁 2 💬 1 📌 1

I can't wait to add it to my vocabulary

02.03.2026 02:47 👍 5 🔁 0 💬 0 📌 0

Thank you Chris!

01.03.2026 17:58 👍 1 🔁 0 💬 0 📌 0

Tanya Janca | SheHacksPurple

Latest posts by Tanya Janca | SheHacksPurple @shehackspurple