Don't Expect Developers to Be Security Experts!

Developers are not security experts! Why not? And should they be?

We’re still learning — sometimes through trial and error — the best way to tackle security issues that won’t negatively interfere with delivering functional (and secure) software.

One thing is sure, there is only a subset of prevention and mitigation strategies that make sense to put on a developer’s plate. Even then, assuming all devs are equipped to handle this additional workload is unreasonable.

Melissa will define common security-related terms and lingo; share typical places to shore up applications when it comes to dependencies, packaging, and supply chain concerns; and discuss the plethora of scanning tools available today and how they actually work. Learn how to integrate a measure of security that makes sense in existing development processes and how to introduce a security culture to your team in a healthy way without exhausting your developers.