@ladynerd.bsky.social
CEO at SafeStack | coauthor of Agile Application Security and Security for Everyone | Host of Build Amazing Things (securely) | #appsec nerd | mom
Should security schemes be more prescriptive?
"None of the security certifications or regulations are prescriptive; it is up to your company to define the scope, means, and implementation"
While this sounds great, does it put too much interpretation in the hands of the auditor?
Are you measuring subtle frictions?
This quote really made me think "where friction introduced by AI tooling is subtle enough to go unnoticed in the moment but cumulatively slows real-world output"
How many other sorts of subtle friction do we experience?
What are your essentials for setting up security monitoring?
Keeping an eye on the health and effectiveness of our systems is crucial but security monitoring can make the difference between small incident and catastropic event.
Are you ready to rollback?
This is a really pragmatic guide to thinking about rollback as well as rollout when planning your systems. Rollback can be an important part of incident response and we shouldn't underestimate how hard it can be.
Would you use an AI bot as your therapist?
While this study identifies some challenges from a safety and risk perspective, I think we are still yet to grapple with the PII and privacy implications of this sort of application.
Do I think everyone should get the help they need and have someone to ta
Every week, someone comes at me with some hustle culture nonsense about how I must work 24/7 and from anywhere..... sure.... obviously.... π
23.07.2025 00:49 β π 2 π 0 π¬ 1 π 0
Four months ago, this was a garden potting shed....
Now it's my dream office and recording studio, and the most peaceful space I've ever worked from.
As a founder, it's crucial that I have space to focus, but as a carer, I can't be far from home. This is the perfect compromise.
Iβve joined Sweat with Pride this June to support my rainbow whanau here in nz. π and on behalf of my very rainbow-tβastique family in the uk π¬π§π₯°
If you would like to support this great cause you can sponsor me!
www.sweatwithpride.com/fundraisers/...
π€― π’ It's 2025, and yet, in the age when AI is making all software and security jobs redundant...
We are still collecting payment information like this???
Much work is needed to secure our software experiences for our organizations and end users.
π sneak peak to whats coming very soon from @safestack π
Any of you want an easy way to build and mature an OWASP SAMM or NIST SSDF application security program?
DM me for early access and special pricing for early adopters.
This is going to be epic π
#owasp #appsec #infosec #productlaunch #ss
Hey #software leaders - I see you, spinning so many things at once.
Watch this space in Feb for a @SafeStack announcement that could make your #appsec life a lot easier.
The four hardest things about being a startup CEO right now ;)
#founderlife #startup #buildinpublic
My banned phase for 2025: "it depends" Let's make this year of making appsec easy and making small steps forward and stop hiding behind uncertainty and "what if"
#appsec #owasp
For the second time this year, I find myself impacted by health issues on a trip.
This time, COVID knocked me flat in less than 24 hours and has torn this trip asunder.
I am devastated but also grateful to be able to isolate and focus on recovery. I will be returning to NZ as soon as safe to do so
For the second time this year, I find myself impacted by health issues on a trip.
This time, COVID knocked me flat in less than 24 hours and has torn this trip asunder.
I am devastated but also grateful to be able to isolate and focus on recovery. I will be returning to NZ as soon as safe to do so
The fabulous Denise Jacobβs keynoting NDC Porto
Wise words about how to reflect and adapt to whatβs happening in the professional world right now
Great turnout for day one here at #ndcporto
Come say hi at the SafeStack booth where Iβm doing an AMA! Bring all your #appsec questions
You can even grab stickers or have us plant a tree on your behalf
Same.
26.09.2024 01:54 β π 1 π 0 π¬ 0 π 0Itβs normal for the parents in Bluey to make you feel like a bad parent right?
23.09.2024 04:29 β π 1 π 0 π¬ 0 π 0Oh no. Is it cosmic kids yoga? Our small people loved that and I donβt remember it being angry
19.09.2024 08:54 β π 0 π 0 π¬ 1 π 0Doing a thought experiment about how little you need to say to teach a CWE to a developer such that they can avoid it ππͺ
Anyone feeling brave?
Bluesky now has over 10 million users, and I was #55,038!
Wow I had no idea I was so early.
Thanks ππ
17.09.2024 02:57 β π 1 π 0 π¬ 0 π 0
π Looking for a 3-minute distraction to help me and SafeStack be more awesome. π€©
If you are a developer or appsec person, complete my tiny survey! We are working on some cool stuff, but we really need a bit of data to help us plan.
form.jotform.com/242598632391869
This.
12.09.2024 23:10 β π 1 π 0 π¬ 0 π 0
I donβt have a dog of my own so I send you my favourite dog and many hugs from afar
12.09.2024 10:17 β π 0 π 0 π¬ 0 π 0
Great talk by James Cooper here @owasp nz.
Coherently and clearly explaining SLSA and how to get started with it in your CI.
Yay! Youβre here too!
04.09.2024 21:23 β π 1 π 0 π¬ 0 π 0
Getting settled for the opening keynote here @owasp.org New Zealand
Come say hi if you see me around. Look for the D&D converse and come grab some SafeStack stickers
Omg Iβm in Auckland for OWASP NZ!
The locals seem friendly
