The Elephant in AppSec Conference Day 1

Tanya Janca, also known as SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Application Security’ and 'Alice and Bob Learn Secure Coding'. Tanya has been coding and working in IT for over twenty-seven years, won countless awards, and has been everywhere from public service to tech giants, writing software, leading communities, founding companies and ‘securing all the things’. She is an award-winning public speaker, active blogger & podcaster and has delivered hundreds of talks on 6 continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives.

Alina, Staff Product Security Engineer, Tech Lead Manager at Toast, Inc and former developer and QA Engineer., is dedicated to empowering developers by integrating security into everyday practices. Passionate about building a culture of security awareness, she works to ensure that security is a core component of development processes, helping teams build safer, more resilient applications.

Antoine is co-founder & CTO of Escape. Antoine is a former French National Secret Agency and Apple security engineer and penetration tester. He is an active contributor to multiple open-source projects and one of the maintainers of Clairvoyance.

Jackie is a Director in KPMG’s Cyber Threat Management practice where he primarily specializes in DevSecOps, Application Security, and Security Operations. His core mission is to help clients navigate the complex landscape of software security and protect their most valuable enterprise assets from cyber threats. He works with teams to assist with cyber security strategy and governance, operational optimization and performance improvement, and the assessment and mitigation of cyber risk.

Dustin Lehr is the Application Security Advocate at Security Journey and Co-founder of Katilyst, where he helps organizations design developer-centric AppSec programs that motivate secure behavior at scale. A former software engineer turned security leader, he brings more than 20 years of experience architecting technology solutions and bridging the gap between developers and security teams. He is the author of The Security Champion Program Success Guide, co-founder of the Let’s Talk Software Security community, and a frequent conference speaker and podcast guest. Known for applying behavioral science to application security, Dustin shows how motivation, influence, and culture change are just as critical as technology, tools, and AI in building proactive security practices.

Sana Talwar is a Product Security Engineer at ServiceNow, where she helps build secure software and strengthen product resilience. Her journey in tech began in high school when she was featured in the CodeGirl documentary for creating an app that solved a community problem. She teaches cybersecurity at a local community college and speaks on topics that bridge security, education, and emerging technologies.

Enrique Larios Vargas is a Security and Learning Specialist with over 8 years of experience designing impactful learning and enablement programs across fintech, engineering, and security domains. With a background as a university lecturer in software engineering in Peru, the Netherlands, and Canada, he brings a unique blend of technical insight and behavioral science to his work. Enrique is the lead author of the research paper “DASP: A Framework for Driving the Adoption of Software Security Practices”, which explores how behavioral models like COM-B can drive secure development. He is passionate about helping developers move beyond compliance and build a meaningful, human-centered security culture.

With over 18 years of experience in application and product security, Alekh Gadekar is a seasoned cybersecurity leader currently serving as a Senior Application Security Manager. His expertise spans risk assessment, threat modeling, and secure SDLC, with a strong focus on the banking, finance, and fintech sectors. Throughout his career, he has driven the design and implementation of robust security strategies, led cross-functional teams, and ensured alignment with industry standards and regulatory requirements.