Forrester: Show, Don't Tell, Your Developers How To Write Secure Code
Feb 1, 2023
Developers are key to Application Security
AppSec is challenging; security engineers are held accountable for the security of the code that developers are writing. At the same time, developers don’t have the skills or resources to write secure code – most of them have never sat an application security exam in university!
To claw their way out, organizations should look at integrating developer-friendly Application Security Testing (AST) tools –earlier in the software development lifecycle.
Here’s what you will find in this report
- Developers aren’t taught application security in top computer science programs in the US.
- A new generation of application security testing tools is helping developers learn on the job.
- Secure coding practices can be promoted with guardrails, just-in-time training, and “security champions” programs.