How do you ensure that security protocols and practices don't hamper the developer experience?
Sort By:
Oldest
CTO in Transportationa year ago
They should be part of the development workflow and, if possible, integrate the checks on your CI pipeline to get fast feedback when broken. Similar to automated tests, they should be understood as a tool that helps the team to create and deliver better software.CEO in Softwarea year ago
I don't know if you can "ensure" that security won't hamper developer experience, but it is a worth goal. I think similar to what posted, the best way (sounds counter intuitive) is to have security be part of early architecture and RTP process. When you build it first and then ask for security to help "fix" it, the long term impact on developers, at least in my experience, is worse. Chief Information Technology Officer in IT Servicesa year ago
we try yo integrate security seamlessly into the DevOps pipeline, provide user-friendly tools with real-time feedback, and foster open communication between developers and security our teams for continuous improvement and collaboration.CISOa year ago
Adopt and encourage a secure by design culture across development teams, enable development teams to be able to incorporate security tools as part of their CI/CD pipelines. Create collaboration and ensure open communication between development and security teams. Feedback loops! Chief Information Security Officer in Softwarea year ago
Balancing security protocols with a seamless developer experience is crucial. I prefer to prioritize embedding security into the development process from the outset, ensuring that tools and practices are intuitive and integrated. Continuous feedback loops with our developers allow us to refine and optimize. By doing so, we aim to be the 'light on the hill'—setting an example for how security can enhance, rather than hinder, the development process. This collaborative approach ensures both robust security and a streamlined development experience.