Wednesday, November 4, 2015

2015-045: Care and feeding of Devs, podcast edition, with Bill Sempf!

When you receive a #pentest or vuln scan report, we think in terms of #SQLi or #XSS. Take that report to your dev, and she/he sees Egyptian hieroglyphics and we wonder why it's so difficult to get devs to understand.

It's a language barrier folks. They think terms of defects or how something will affect the customer experience. We think in terms of #vulnerabilities, and what caused the issue. We need to find that common ground, and often, that will mean us heading into unfamiliar territory. It doesn't have to be 'us vs. them'. We are supposed to be a team. 

Join us this week as we discuss that very topic with Bill #Sempf. Bill has spent nearly 25 years doing software development and security, working as an independent contractor for dozens of companies on hundreds of #software #projects. He helps us figure out how to speak 'dev', and to develop a mindset that will ensure you can get the most out of interactions with developers and coders.

Show notes:

Direct Link:


Bill's #DerbyCon Talk "#Developers: Care and Feeding":

Bill's Blog:

Bill's Twitter: @sempf  

Check us out using the #TuneIn App!:



Here is a new episode of Brakeing Down Security!

No comments: