The AppSec Poverty Line: Minimal Viable Security
Tanya Janca
BSidesSF 2026 · Day 2 · AMC Theatre 10
In her compelling talk, "The AppSec Poverty Line: Minimal Viable Security (MVS)," Tanya Janca, CEO and Secure Coding Trainer at She Hacks Purple Consulting, addresses a critical and often overlooked challenge in the cybersecurity landscape: how small businesses, startups, and resource-constrained teams can achieve a baseline level of application security. Janca argues that not every organization possesses the vast budgets and dedicated security teams of tech giants like Microsoft or Google, leaving many vulnerable to common, easily exploitable threats. This presentation introduces the concept of the "AppSec Poverty Line," defining the absolute minimum security investment, knowledge, and practices required to adequately protect internet-exposed applications.
AI review
Janca is a credible speaker with real AppSec credentials delivering a competent, practitioner-friendly framework for resource-constrained teams. The 'AppSec Poverty Line' framing is catchy and the prioritization guidance is genuinely useful for its target audience — but this is a BSides community talk, not novel research, and it lands squarely in the 'good blog post' category.