Developers need to stop fearing the InfoSec Mafia

Eric May 9 ・1 min read

#security #appsec #infosec #applicationsecurity

Sometimes it feels like your company’s Security team seems to push its way into everything — Do you want to implement a new feature, change an API? Not without security’s blessing, right? It can feel like your security team just complicates everything — and did you even really want their protection in the first place? Who are these guys to come in and force you to do things their way?

When you frame it like this, your InfoSec team sure does sound like the mafia. But here’s the big difference: we’re not adding all of these processes and overhead for our benefit — we’d be just as happy if you could secure everything on your own...

Let me keep it simple:

We are responsible for protecting your application’s users and your business’ customers, that is why we do what we do.

Still don’t believe me? Continue reading the full article over at Medium and let me see if I can change your mind.

Preview of security puns you will enjoy:

There may come a time when Security asks you for a favor…
"sleeping with the phishes"

Eric

code of conduct - report abuse

Classic DEV Post from Sep 1

Working as a freelancer

What is/was your experience working as a freelancer?

Reactions

48

Reactions

31

Opening all external links in a new tab securely: a JS function in ES6 syntax

Ru Singh - Sep 19

Cleaning Up Wordpress: Lessons Learned in Website Security

Wesley Handy - Sep 21

ScamBaiting Vs HackTheBox

Juan Carlos - Sep 21

AWS access keys — 5 Tips To Safely Use Them.

Lou — Cloud Native Software Engineer - Sep 20

joined

May 2, 2019

dev.to now has dark mode.

Go to the "misc" section of your settings and select night theme ❤️