Tanya Janca | SheHacksPurple 
How do you secure legacy apps? How do you start? Do you have a game plan? Or a framework? Where should we begin with older applications, who were not made with security in mind?
How can we prevent credential stuffing attacks on our apps? What are a couple of things we can do?
How do you handle AppSec if you have no security team? I realize this one is wide open, but there's so much to solve here!
What’s your go-to tip for educating developers about secure coding?
Share the most surprising vulnerability you've encountered in an app. Tell us a story!
What’s one lesson you learned the hard way about application security?
Developers: Describe your job in three emojis. 🤔🔒💻
What issues have you seen pop up when integrating security tooling into your CI/CD? And how did you solve them?
What’s the top priority in your application security program right now? (You can be vague to protect the innocent if you need to)
What AppSec tools are a must have in your stack? SAST? SCA? Linter? Name as many as you feel are 'must have'.
