DZone Security Zone
Advances in developer tools, containers, code repositories, and more enable developer teams to deliver software at an unprecedented pace. However, application security teams are often understaffed, underfunded, and laboring to keep pace with software development. One demonstrated strategy that helps AppSec teams keep up and even provides them time for high-value security tasks is to shift security left in the development cycle.
Creating a developer-first approach to security, or in other words, shifting security left requires that developers become accountable for producing secure code. Since security is not the typical developer’s area of expertise, application security engineers assume the role of providing oversight and guidance needed to enable developers to succeed.
Read the original article: