Do Certain Types of Developers or Teams Write More Secure Code?
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore a comprehensive analysis of factors influencing secure code development in this 43-minute OWASP Foundation conference talk. Delve into software vulnerabilities, static application security testing tools, and human factors affecting code security. Examine research methods, including DARPA studies, and investigate the impact of team dynamics, developer experience, and work environments on code quality. Learn about the effects of circadian rhythms, unfocused contributions, and team size on security outcomes. Discover insights from other domains, such as fatigue and cultural influences, to gain a holistic understanding of secure coding practices and team performance.
Syllabus
Introduction
Anita D'Amico
Outline
Software Vulnerability
How long does it take to discover software vulnerabilities
Static application security testing tools
Human factors
Software engineering
Research methods
DARPA
Retrospective
Timecards
Concurrent Analysis
The Question
Predictors
Dramatic Pause
Colocation vs Distributed Teams
Human Circadian Rhythm
Unfocused Contribution
Number Of Developers
The bystander effect
Not all research agrees
Developer experience
Minor contributors
Day job
Interactive churn
Lessons from other domains
Fatigue
Death
Culture
Conclusion
Taught by
OWASP Foundation