Episode 1. Secure Coding — Goal of secure coding
→ Being a software person, the essential and hidden requirement of product delivery is software Security.
→ There are so many technologies with which we can write code (say PHP, Node.js, Python, Java, C++, etc.)
→ Every technology has its own advantages and disadvantages. So their risk of software attack is different.
→ The software attack is also dependent on the type of the software (say web application, mobile application, desktop application, embedded software, virtualization, containers, etc.)
→ There is no such term as security developer ⚠️
→ We can become a security minded developer ✅
→ When working in a project, we have lots of team that deals with security — Security experts, VAPT (Vulnerability Penetrating Testing Team).
→ There is a term called Security champion. They can be anyone in our IT team.
Goal:
We have what we need to write secure code. Data must be protected.
Beware of Logic Bomb and other exploits from Hackers and Crackers
This course experience is for anyone in the IT team:
A. Expectations of Development Managers:
B. Expectations of Project Managers:
C. Expectations of QAs:
D. Expectations of Developers:
→ For becoming a better coder, security is an important parameter.
→ If you are a developer, whose code hackers are finding difficult to hack, imagine the quality of the product that is created.
→ This will benefit your company a lot.
A funny incident wanted to share, we were working in Abu Dhabi Government TAMM, they had their own payment gateway (i.e. AD Pay)
We were writing codes for payment for the application. They had separate team i.e. VAPT team for security, they hacked our payment card details 😲
Those were test payment credentials. Imagine if this happens in production with live users 😟
Video:
Closing Thoughts:
Creating a secured application is an art. Data is everything — people trust us with their data. Being in IT field, it is our responsibility to develop applications keeping security in mind.
Welcome to this journey, this is not limited to specific programming language. Any aspirant can be a part of this.
Thank you for reading till the end 🙌 . If you enjoyed this article or learned something new, support me by clicking the share button below to reach more people and/or give me a follow on Twitter and subscribe Happy Learnings !! to see some other tips, articles, and things I learn about and share there.
