Tanya Janca | SheHacksPurple 
What's your favorite #OWASP project besides the Top Ten? No top ten lists! What ELSE? They do so much. #talkappsectome
PS Happy holidays.
If you had to explain SQL injection using only emojis, how would you do it? 🤓 #talkappsectome
What’s the weirdest or most obscure vuln you’ve ever had to explain to a stakeholder? Can you tell me about it? Also, how did it go? #talkappsectome
AppSec folks: What’s your favorite “gotcha” bug to look for in code reviews? Do you have a fav bug or special bug you're great at finding? #talkappsectome
Create your own AppSec-themed band name. I'll start: “Zero Day Reapers” 🤘 #talkappsectome
PS Yes, you are allowed to use the Wu-Tang Name Generator.
Do you think the industry is better or worse at secure development now than it was 5 years ago? Why? Why not? #talkappsectome
When should security not block a release? Or should it never block? What is worthy of a block? Or, should we have fixed things before the CI? What are your thoughts? #talkappsectome
What's the hardest part about scaling security in a fast-moving dev org? Please also give me tips of how to succeed anyway, if you can! If not, hopefully others will offer advice in the thread. :-D #talkappsectome
What makes a “security champion” successful in a dev team? What makes them good at it? What makes a bad one? How can you tell if it's going well or not? #talkappsectome
Is there an #AppSec or #DevSecOps trend right now that you think is overhyped? Which one and whyyyyyy? Tell me your feels #talkappsectome
