With the holidays fast approaching, you are probably starting to think about what gifts to get for your family, friends and colleagues.
This can be a daunting task – especially if the only answer you get to gift queries is "Oh I don't really want anything" or "You don’t have to get me anything! - even though they really do. (P.S., you’re all getting candles.)
If you have to choose a gift for your colleagues, you are probably feeling a lot of pressure to pick the right one, and may have even found yourself thinking "everyone would probably love a branded shower radio – it's practical and fun!"
Don't worry, you'll get there.
If you're a security professional working with developers, though, we've got you covered. Because what developers really want is to deliver an amazing product by their deadline without a bunch of negative feedback from security after the fact. So, what's on your developers' holiday wish list?
Respect their deadlines: The software your developers are creating is integral to business functions, so they need to get it out on time. Show you really care this holiday season by being aware of their deadlines, giving your security input as they go, and making yourself available so development's goal of timely delivery and your goal of security are both met.
Give them a sandbox (not a physical one): Developers are being asked to take on more security tasks than ever before, and for most it is a new skill set. A developer sandbox allows them to check their code for vulnerabilities and correct them, without alerting their manager to every flaw. Sandboxes don’t snitch.
Have a plan: If you find there is a problem with a developer's code, or that there will be an issue meeting a deadline with secure code, don’t just point it out and go on your way. Give your dev team a recommendation for how you can collaborate to solve the issue.
Automate security: Because developers work within a creative flow and are bound by the aforementioned dreaded deadlines, it can be a drag to have to constantly stop to check for potential security risks.
Automated application security testing allows developers to keep their creative fast pace, actually facilitate stronger programs, and ensures you stay out of headlines as the victim of a major hack. It’s the gift that keeps on giving.
Be a resource and a partner: With attacks at the application layer becoming common, developers and security teams have to work together. So be a united front in discussions about deadlines and budgets, and empower your dev team with security resources, like eLearning or incremental training.
So now that you know, give the people what they want! And if you are feeling extra giving this holiday season, you can give them the shower radio too.