Placing security in the hands of developers

by Emma

[ad_1]

Developers today are faced with an ever-changing landscape. Their responsibilities continue to expand into areas like software QA, security, and governance. In an SD Times Live! webinar, Brian Fox, CTO of Sonatype and Steve Poole, developer advocate at Sonatype, discuss the ways in which security has become an essential part of a developers job.

According to Fox and Poole, one of the biggest struggles for developers entrusted with security practices is that they were not originally trained in the security field. This lack of proper training leads to mismatched expectations on both ends. When two teams have to work together but do not speak the same language, this is an almost unavoidable problem. 

A key solution to this problem would be for organizations to better enable their developers to understand security practices. Investing time into this would help to bridge the gap between development and security and make for a better outcome in the long run. 

Sonatype provides tools to developers to make this integration of security easier, but according to Fox and Poole, organizations merely providing these tools is not enough, they have to make them understandable and accessible to their developers in order to see the desired results. 

According to Fox and Poole, as the developer domain changes, developers have a right to ask their organizations to enable them to provide long-term solutions to the problems they are now facing. They see the shift of security to developers as a positive thing, but only if the proper tools and training are in place. 

“We have so much opportunity and so much stuff that will help, but we’ve been educated for a long time not to go looking for it,” Poole said, “And now is the time to turn that around and start putting effort into education… and taking a good look at the tools that are out there and seeing how much they can help you,” he concluded.

To learn more about the expanding developer domain into the world of security, watch the full talk “The Broad Responsibilities of the Expanding Developer Domain” on demand now.

[ad_2]

Source link

Related Posts

Leave a Comment