Any tips on ingraining the fundamentals of secure software development in your company culture? How have you secured support and ensured best practices permeate through every level of your org?

DIRECTOR OF SOFTWARE DEVELOPMENT, 7 months ago
I would encourage all developers to play Juice Shop from OWASP (https://owasp.org/www-project-juice-shop/); it is both sobering and gamified. Then review the OWASP Top 10 with them as a basic level. Finally, encourage pipeline automation for any automated checks, like Burp Suite and other similar tools, to check on a staging environment automatically. This way, security audits you pay for in the future are only uncovering hard-to-find items; make the auditors work for it :)
CISO (CISO) in Healthcare and Biotech, 7 months ago
A proper development guideline that incorporates security checks is helpful. Automated checks of course help. See also ISO 27001 controls for software security.
Head of Application Security, 4 months ago
As above + security champions in each team or area. However, it could be a challenge to get their time sometimes.
