Quality Code, Safer World: Rethinking Security in Software Development | Beyond Coding Podcast #144

Topics covered
Popular Clips
Episode Highlights
Security as Quality
discusses the evolution of security from an isolated discipline to an integral part of software quality. He emphasizes that security should not be an afterthought but rather seamlessly integrated into the development process 1. Jelle notes that traditionally, security was often seen as a separate entity, focusing on testing and identifying vulnerabilities post-development. However, he advocates for a shift towards building secure systems from the outset, aligning security with quality assurance 2.
It's fun to build something that is not only easy to use, but also secure, and that doesn't require a lengthy manual to explain how to do things in a secure way.
---
adds that this integration reflects broader changes in tech roles, where collaboration and alignment are increasingly prioritized over isolated tasks 3.
Resilience & Innovation
The conversation shifts to innovative approaches in security, highlighting the influence of chaos engineering and resilience thinking. mentions Kelly Shortridge's work on security chaos engineering, which applies resilience thinking to security practices 4. He suggests that organizations should focus on practical solutions that balance security with usability, such as implementing passwordless login systems to reduce help desk calls 5.
There might be a 100% great technology solution, but nobody uses it because it's super complicated.
---
agrees, noting that the key is finding the right balance between risk and reward, ensuring security measures are effective yet user-friendly 6.
Modern Tools
Modern tools like cloud computing are revolutionizing security practices, offering consistency and scalability. describes this shift as an industrial revolution in IT, where cloud solutions replace traditional, cumbersome setups, allowing for more efficient security strategies 7. He also explores the dual role of AI in security, both as a defensive tool and a potential threat, highlighting how AI democratizes access to security capabilities 8.
The whole AI notion is another big one where people are exploring from different angles, using it for defensive purposes, but also seeing lots of use cases on how this could be used to attack with more scale or more effectiveness.
---
reflects on how these advancements necessitate a shift in security roles, integrating specialized knowledge within development teams to adapt to new challenges 7.
Related Episodes


QA in Software Engineering | Augustine Uzokwe | Beyond Coding Podcast #172
Answers 383 questions

High Quality Software Development | Eugene Fidelin | Beyond Coding Podcast #165
Answers 383 questions

Quality in Software Development | Dennis Doomen | Beyond Coding Podcast #13
Answers 383 questions

AI in Software Development | Roy Derks | Beyond Coding Podcast #159
Answers 383 questions

How Software Engineering is Evolving | Borislav Nikolov | Beyond Coding #183
Answers 383 questions

Software Development and Sustainability | Brendan Kamp | Beyond Coding Podcast #160
Answers 383 questions

Software Engineering Productivity | Walter de Bruijn | Beyond Coding Podcast #174
Answers 383 questions

Developing People | Ester Le Roux | Beyond Coding Podcast #164
Answers 383 questions

Teaching Software Development | @HiteshChoudharydotcom | Beyond Coding Podcast #55
Answers 383 questions













