Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Simply put: We cared about security by ignoring all the cumbersome details.
So.... We ignored security deliberately, you pay extra and gain nothing.
Seeeecuuuurrriiitttyyyy..... -
It means thinking about the security aspect from the beginning instead of desperately trying to bolt it on afterwards.
-
@spacehash I'd say it's more about setting the right priorities from the get-go, which is rather about management priorities than team competence.
You can have a team that is as competent as 440C hardened steel, but if they are told to work on other things, shit just will go downhills. -
spacehash604y@Fast-Nop makes sense. I just feel like having security as a priority from the beginning should be a prerequisite for the software even being considered good, not a buzzword to classify the software
-
lebucur514ySecurity, like safety, can suck up an indefinite amount of time so you need a specialized authority to tell you when to draw the line because the product is secure or safe enough.
Related Rants
What does “security first” software even mean? Like, it was developed by a competent team?
question
security