Episode #078: 🔥 Burn Your 30-page Policies: Tanya’s Got Better Ideas Artwork

Relating to DevSecOps

A Podcast dedicated to forging iron clad relationships between developers, engineers, operations, and security practitioners by discussing hot topics in the world of DevSecOps. This podcast aims to air out some of the common gripes, misconceptions, and hardships that these teams face in the real world every day.

All Episodes

Relating to DevSecOps

Episode #078: 🔥 Burn Your 30-page Policies: Tanya’s Got Better Ideas

April 22, 2025 • Ken Toler and Tanya Janca • Season 1 • Episode 78

0:00 | 46:48

Send us Fan Mail

In this must-listen episode of Relating to DevSecOps, Ken welcomes the ever-inspiring Tanya Janca, aka SheHacksPurple—author, AppSec expert, and champion of making security usable. Together, they dig into why so many application security policies fail, why developers ignore them, and how to make them actually work. Tanya shares real-world experiences from both dev and security perspectives, plus her journey from being ignored to lobbying governments for change.

From communication failures and TL;DR policy pages to leveraging wikis and code reuse, this episode is a practical masterclass in creating impactful, developer-friendly security standards.

Ken Toler

Host

Michael McCabe

Co-host