So having developers and operations collaborate only solves part of the puzzle. Some companies still have cyclical and separate security teams. DevSecOps is the collaboration between releases of all stakeholders to try to release and author secure software continuously.
It's likely a buzzword in most places of work. Automated scans and tooling are only part of the problem. Convincing a dev who believes otherwise that their framework defaults present operational and security risks can be an uphill battle, especially when neither side backs down, despite one party clearly being more experienced.