Security News > 2023 > March > Developers can make a great extension of your security team
Developers care about the quality and security of their code, and when empowered to help, developers make great security advocates who can help harden your supply chain security while reducing the burden on DevOps and security teams.
Introducing security tools that allow developers to own code security within their existing development process can increase early risk identification and simplify the process of mitigating risks, slowing the growth of vulnerability backlogs.
Some studies have even found evidence that developer-integrated security practices are a sign of maturity seen in successful security organizations.
In an annual study, the Building Security in Maturity Model team found that all 10 of the firms with highest BSIMM scores had implemented satellite teams that augment security efforts, and that these same satellite teams were missing from all 10 of the lowest scoring firms.
A complete approach to supply chain security must include developer security champions.
Developers should not only be included in the security process, but they should also be empowered to act on known risks with developer-oriented security tools that work within their existing development process.
News URL
https://www.helpnetsecurity.com/2023/03/01/developers-extension-security-team/