Modern Application Security

Collin Greene
Mar 10, 2015
  • Is never “finished”
  • Is not understood by anyone end to end

Finding bugs

Bug finding is what makes a security team special.

Fixing bugs

As a security engineer you should be capable of fixing all security bugs yourself. You won't always do this, but be sure to lay out what a clear fix looks like.

Prevent bugs

Software is written by people and people screw up sometimes. Much of preventing bugs is about shepherding folks towards better code. There are a few ways to do this.

Tooling

Automate everything you can.

Non-technical

The goal is to fix as much insecurity as possible and the methods are not purely technical.

Conclusion

We can’t catch ’em all, but hopefully some of these tactics, tools and ideas will prove useful.

Thanks to Ryan McGeehan
