Virtual Lunch & Learn Series

The DevSecOps Knowledge Forum

Mark your calendars and join us for a mid-day break with subject matter experts from Sonatype and NowSecure

August 19 @ 12pm ET
Ten Things I Wish Every Developer Knew About Security

Do your developers understand enough about security to secure your applications properly? How do they fair against the OWASP Top 10, the list of the most dangerous web application risks? Perhaps your developers write code in a non-web language, like C or C++. Those languages suffer similar issues. A large number of security problems bury your developers. Do you know best how to help them?

There is a connection between technical security issues and the human element. Human beings write the code, not computers. Human beings, as developers, must gain security knowledge about how to secure everything they work on and receive coaching.

The answer to engaging developers with security is to understand the ten things every developer must know about security and expose them to it. We'll explore the mindset of the developer and the various issues that plague their applications. Examples of the problems include “Everyone is a security person and the security need is pervasive”, “Third-party and open source vulnerabilities are rampant”, and “Docker and Kubernetes are not security products”. For each item you’ll learn an explanation provided peppered with real-world stories, how to assess this item within your organization, and tips/tricks for building this item when you get back to work.

You'll leave this session with:

  • Perspective on security from the eyes of your developers
  • Greater awareness of the application security risk you face
  • Knowledge of the ten things
  • How to coach your developers about security in a programmatic fashion.


Chris Romeo, Security Journey

Dwayne Dreakford, Sonatype
Sales Engineer

Brian Reed, NowSecure
Chief Mobility Officer

Can’t attend live? No worries - be sure to register and we’ll send you a recording.

Register Here