Ask HN: Developers, What annoys you about security within your company?
I am curious about how security affects your team. Does it hinders you? Bugs aren't well written? Lack of knowledge and can't understand the challenges you face? I want to be more empathetic towards my developers and help make each other better.
1 comment
[ 3.5 ms ] story [ 12.8 ms ] threadAnd I don't think it can be said enough, do more than pay lip service to security. Care about security and work with the team to identify and address areas where there are problems. Especially in my experience startups always have this as a failure point. I've yet to see a single startup get security right early on, not saying some don't but almost always speed, getting investor dollars and "well come back to it" outweigh the security items raised. In the end this will always bite them, either in terms of cost to fix it later, or in embarrassment when it leaks or is hacked by a bored 14 yr old. Think of how many major startups/companies you can list that still had plain text passwords someplace, it is insane? Good logging is not an excuse to abandon good security practices.
I could ramble for a long time on this, but hopefully that gives some ideas.