How Marketing Ruined Shift Left | Semgrep’s Tanya Janca

When it comes to securing software, most developers feel like they"re playing catch-up instead of setting the rules. Tanya Janca (SheHacksPurple), author of "Alice and Bob Learn Secure Coding," brings her 28 years of IT and security expertise—spanning counter-terrorism to enterprise training—to Dev Interrupted. She unpacks the common pitfalls teams face when security is treated as an afterthought, highlighting the developer frustration of being held accountable for security without the tools or knowledge needed to succeed. Explore how transforming security from a final gate into an ongoing practice saves money, reduces conflict, and builds better software through clear requirements and true developer empowerment. Tanya provides concrete advice for developers and leaders on creating internal knowledge libraries, fostering continuous learning habits, and critically evaluating AI-generated code to ensure it meets security standards.  Speaking of AI"s growing role, we"re curious how it"s reshaping workflows across the industry. Share your own experiences with AI adoption by taking our quick survey to discover your spot on the adoption graph (and what you can do to level up). Check out:Beyond Copilot: Gaining the AI AdvantageSurvey: Discover Your AI Collaboration Style Follow the hosts:Follow BenFollow Andrew Follow today"s guest(s):Website: SheHacksPurpleLinkedIn: Tanya JancaBook: Alice and Bob Learn Secure Coding Referenced in today"s show:Shopify CEO says staffers need to prove jobs can’t be done by AI before asking for more headcountAnthropic flips the script on AI in education: Claude’s Learning Mode makes students do the thinkingCelebrate 50 years of Microsoft with the company"s original source code Support the show: Subscribe to our Substack Leave us a review Subscribe on YouTube Follow us on Twitter or LinkedIn Offers: Learn about Continuous Merge with gitStream Get your DORA Metrics free forever