1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IDG Contributor Network: Reach 'em and teach 'em--educating developers on application security

Discussion in 'CSO' started by RSS, Aug 10, 2016.

  1. RSS

    RSS New Member Member

    How are developers supposed to build security throughout the development lifecycle if they are not taught security at any stage of their education? Vulnerabilities exist because products made by developers who have close to no knowledge of security are hitting the market.

    Rather than accept the idea that software will never be 100 percent secure, academia and industry leaders can be more proactive and teach developers how to think about application security.

    In a white paper, "App-Sec How-To Guide: Getting your Developers to Beg for Security" security vendor Checkmarx said, "The real secret, then, to getting developers excited about creating secure code is to use those techniques and tools that motivate them in other areas of their work: a way to visualize their work; providing a strong support system; giving solid feedback in a short timeframe; and allowing developers to learn not only from their own mistakes, but also from those developers around them."

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page