re: Web Developer Security Checklist V2 VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Very good list, I would say that around half of them are not the Developer's responsibility (in a team with sys admins), never the less, the rules ...
 

You raise two interesting points. The first: non a devs responsibility ... as we move more toward a DevOps world, these roles are becoming combined and at the very least, devs need a strong appreciate and understand of all the issues if they are not directly responsible for them.

The second: a long list. I hear you. We've got lots of suggestions to add, but we have tried to only add the very important to the list. The idea of the list is not to be prescriptive of what you MUST do, but rather, for you to read the list at various points of your dev lifecycle to prompt your thinking to what items could be relevant at that point.

Thank you for reading and commenting.

code of conduct - report abuse