Gergely Orosz (@pragmaticengineer): "Five myths about security engineering that software engineers should probably know: Security is only the responsibility of security engineers. False! Security through obscurity is sufficient. False! More security measures makes software more secure. Not always! Once secure, …"

Make money doing the work you believe in

The Pragmatic Engineer

Five myths about security engineering that software engineers should probably know:

Security is only the responsibility of security engineers. False!
Security through obscurity is sufficient. False!
More security measures makes software more secure. Not always!
Once secure, always secure. False!
Penetration testing by itself ensures security. False!

For a deepdive into security engineering, see today’s issue by security engineer Nielet D'mello:

The Pragmatic Engineer

What is Security Engineering? Part 1.

Apr 16, 2024

at

8:11 PM

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts