How Marketing Ruined Shift Left | Semgrep’s Tanya Janca
You can’t buy your way to secure practices
When it comes to securing software, most developers feel like they're playing catch-up instead of setting the rules.
Tanya Janca, of SheHacksPurple fame and author of "Alice and Bob Learn Secure Coding," brings her 28 years of IT and security expertise, spanning counter-terrorism to enterprise training, to Dev Interrupted. She unpacks the common pitfalls teams face when security is treated as an afterthought, highlighting the developer frustration of being held accountable for security without the tools or knowledge needed to succeed.
In this episode, Andrew and Tanya explore how transforming security from a “final gate” into an ongoing practice saves money, reduces conflict, and builds better software. Tanya provides concrete advice for developers and leaders on creating internal knowledge libraries, fostering continuous learning habits, and critically evaluating tooling and Gen AI code to ensure it meets security standards.
“What [marketers] used [shift left] for was, 'if you buy our product, you have shifted left'... If you stick our product in your CI the devs will magically fix everything. No effort required. Not true.” —Tanya Janca (AKA SheHacksPurple)
The Download
The Download is your weekly bundle of engineering leadership. 🧺
1. Shopify wants proof that a job can’t be done by AI 🧾
CEO Tobi Lütke says employees need to prove their roles can’t be done by AI before asking for more headcount. It’s a provocative policy that underscores a bigger trend: AI is reshaping how value is judged. The challenge? Most companies still haven’t defined how to measure that value, or given teams the right tools to integrate AI meaningfully. A chatbot isn’t a strategy, and vibes aren’t a workflow.
Read: Shopify CEO says staffers need to prove jobs can’t be done by AI before asking for more headcount
2. Claude goes full Ender’s Game on education 🎓
Anthropic’s new “learning mode” flips the script on AI tutors by not giving students the answers—instead, it guides them to think critically and explore their own reasoning. It’s a powerful shift: AI that teaches instead of tells. With personalized, curiosity-driven learning, we’re inching closer to a world where every student gets an elite, adaptive education.
Read: Anthropic flips the script on AI in education: Claude’s Learning Mode makes students do the thinking
3. Tricking a rock into thinking since 1975 🪨
Bill Gates dropped a gem on his blog: a look back at the original source code for Microsoft’s first PC software. Complete with dot matrix ASCII art and simulated printouts, this isn’t just a nostalgia trip but a tribute to the mathematical brilliance that turned theoretical physics into functional computing. It’s wild to remember that all of modern software rests on the shoulders of folks who literally figured out how to make silicon think. A must-read for anyone who loves a good origin story.
Read: Celebrate 50 years of Microsoft with the company’s original source code