The latest articles on DEV Community by Laura Bell (@ladynerd). https://dev.to/ladynerd https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F975732%2F08333bc1-7858-4a4f-b06b-5cbec4d39b11.png https://dev.to/ladynerd en Laura Bell Thu, 22 Feb 2024 23:06:10 +0000 https://dev.to/ladynerd/free-newsletter-for-secure-development-leaders-3-2l95 https://dev.to/ladynerd/free-newsletter-for-secure-development-leaders-3-2l95 <p>The latest edition of Secure Development Leaders is out now and shares three essential ingredients for building security culture in your development team.<br> Highlights:</p> <ul> <li>The importance of education (and why that's not about technology but motivation)</li> <li>Why education without empowerment is bad for your security</li> <li>The role of accountability (and acknowledgment).</li> </ul> <p>It also includes top things you may have missed in #appsec this week.</p> <p>[<a href="https://www.secdevleaders.com/p/three-essential-ingredients-secure-development-culture">https://www.secdevleaders.com/p/three-essential-ingredients-secure-development-culture</a>]</p> <p>If you find this useful, subscribe! It's free [<a href="https://www.secdevleaders.com">https://www.secdevleaders.com</a>]</p> security leadership news softwareengineering Laura Bell Sun, 27 Aug 2023 21:38:00 +0000 https://dev.to/ladynerd/bring-appsec-to-your-software-in-just-1-hour-per-sprint-5bd7 https://dev.to/ladynerd/bring-appsec-to-your-software-in-just-1-hour-per-sprint-5bd7 <blockquote> <p>Are you a smaller team who wants to get started in #appsec but don't know where to begin?<br> Have you tried before but lost momentum?</p> </blockquote> <p>I'm running a <strong>free appsec program - One Hour App Sec</strong>, for all teams worldwide and would love for you to join. We aim to help teams everywhere do 1 hour of application security every sprint.</p> <p>Every 2 weeks we send you:</p> <ul> <li><p>Tips and tutorials to build security foundations for your projects</p></li> <li><p>Templates to get you started</p></li> <li><p>Videos and watch-alongs to see how things work</p></li> </ul> <p>You can sign up and find out more (including links to previous sprints) at <a href="https://safestack.io/one-hour-appsec/">https://safestack.io/one-hour-appsec/</a></p> <p>No cost, no tricks or gimmicks :)</p> tutorial security learning Laura Bell Thu, 02 Feb 2023 00:08:13 +0000 https://dev.to/ladynerd/question-could-security-ever-be-considered-a-true-part-of-software-quality-34ng https://dev.to/ladynerd/question-could-security-ever-be-considered-a-true-part-of-software-quality-34ng <p>As a reformed software developer who now lives in the space between software creation and security I spend a lot of time thinking about <em>why</em> security is often considered separately to other elements of quality in our software. I wrote a longer post about this at <a href="https://safestack.io/blog/software-security-and-quality" rel="noopener noreferrer">Should software security be part of quality?</a></p> <p>For example: <br> In a peer review of a pull request we will automatically look for things like poorly structured or performing code but for many teams, security review happens later (sometimes by another team entirely.</p> <p>I'd love some thoughts from the dev.to community - </p> <p><strong>&gt; How can we make security part of our 'ilities' and an essential part of our software process?</strong><br> (without needing specialists or expensive tools).</p> vibecoding