EPISODE 30: SAY GOODBYE TO ‘GIT BLAME’: BUILDING COLLABORATIVE AND SECURE SOFTWARE DEVELOPMENT LIFECYCLES

Compromising Positions - A Cyber Security Podcast

เนื้อหาจัดทำโดย Compromising Positions เนื้อหาพอดแคสต์ทั้งหมด รวมถึงตอน กราฟิก และคำอธิบายพอดแคสต์ได้รับการอัปโหลดและจัดหาให้โดยตรงจาก Compromising Positions หรือพันธมิตรแพลตฟอร์มพอดแคสต์ของพวกเขา หากคุณเชื่อว่ามีบุคคลอื่นใช้งานที่มีลิขสิทธิ์ของคุณโดยไม่ได้รับอนุญาต คุณสามารถปฏิบัติตามขั้นตอนที่แสดงไว้ที่นี่ https://th.player.fm/legal

1+ y ago 36:46

MP3•หน้าโฮมของตอน

Fetch error

Hmmm there seems to be a problem fetching this series right now. Last successful fetch was on November 27, 2024 17:03 (11M ago)

What now? This series will be checked again in the next day. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.

This week we are joined by James Charlesworth, a seasoned Director of Engineering at Pendo with 15 years of experience in software engineering. James is also the creator of the Train to Code YouTube channel, where he shares a wealth of excellent training videos on software development.

In this episode, Say Goodbye to ‘Git Blame’: Building Collaborative and Secure Software Development Lifecycles, we dive into some great topics aimed at saying goodbye to the blame game and hello to good app and product sec!

James talks us through his process of building up cross-functional empathy between his engineering function and the security team; why the engineering team might not be the best team to speak to if you’ve got a lot of vulnerable code and a step-by-step guide on how he excels in delivering product security in his organisation.

Key Takeaways:

Empathy-Driven Collaboration: James emphasises the importance of empathy when aligning priorities across inter-departmental teams. Whether it’s engineering or cybersecurity, understanding why people request specific tasks is crucial.

Shared Ownership of the Codebase: Forget the notion of “that engineer’s code.” James advocates for a hyper-collaborative approach where everyone takes responsibility for the codebase. Avoid the blame game (say goodbye to ‘Git Blame!’) and recognise that collective ownership leads to better outcomes.

Coding Literacy for All: Should security professionals learn to code? Absolutely! While not everyone needs to be an expert, having a basic understanding of coding helps bridge communication gaps. It enables security teams to comprehend technical issues and collaborate effectively with developers.

What is Product Security?: Product security isn’t an afterthought; it’s embedded throughout the development process. Prioritising security ensures a robust and reliable end product.

Learning from Errors: James encourages learning from coding errors early in the software development lifecycle.

Cowboy Coders and Robust Processes: James shares his thoughts on “cowboy coders”—those who cut corners.

SHOW NOTES

Train to Code YouTube Channel

ABOUT JAMES CHARLESWORTH

James is a Director of Engineering at Pendo, where he also serves as the site lead for the Sheffield office. With 15 years of experience in software engineering, he is committed to Pendo's mission to elevate the world's experience with software. An author and public speaker, James is passionate about diversifying the tech industry and actively works to help individuals from various backgrounds enter the field of software engineering. In addition to his role at Pendo, he also organizes the Sheffield AI Meetup, further fostering a community around artificial intelligence. James is not just a lifelong computer nerd; he's a leader committed to making an impact in technology and community.

LINKS FOR JAMES CHARLESWORTH

James’ website

James’ LinkedIn

56 ตอน

#Tech #Society #Business #Compromising Positions