re: What are some fundamentals of security every developer should understand?


Don't forget about social engineering. Tell your support team to never give out passwords over the phone. Build a password reset into the site and get your support team to point users to that.
Most data breaches are by employees - lock your systems down.
Get your site pen tested.
Plus everything already said.
