Security is a blind spot in application development.
Security is a blind spot in application development. It is typically retrofitted by security professionals tweaking the infrastructure. However, as the network continues to penetrate deeper into homes and professional systems alike, and the voracious appetite for application integration punches more and more holes through traditional, network-based defenses, this approach is faltering. Today's applications must be developed with security in mind.
Developers typically lack a good grasp of the subject, but since I feel responsible for the integrity of an application as a software architect, I spend considerable time putting security issues in focus. Apart from doing so during client assignments, I aim to raise security awareness by lecturing at various events and hosting a security track at JavaPolis. Recently, I set up secappdev.org, a not-for-profit organisation. We are currently running a course on secure application development for experienced software practitioners, taught by leading experts. A similar course will be offered next year. We are also looking for other ways to address the blind spot. Suggestions are welcome.