One-third of dev professionals unfamiliar with secure coding practices

2024-07-19 04:00

Survey findings outlined in the report show nearly one-third of all professionals directly involved in development and deployment - system operations, software developers, committers, and maintainers - self-report feeling unfamiliar with secure software development practices.

"Our research found that a key challenge is the lack of education in secure software development. Practitioners are unsure where to start and instead are learning as they go. It is clear that an industry-wide effort to bring secure development education to the forefront must be a priority," added Wheeler.

Lack of time and lack of awareness and training are the top two most common challenges in implementing secure software development practices within organizations.

The top reason for not taking a course on secure software development is lack of knowledge about a good course on the topic.

"The first step in addressing secure software development is recognizing the existing knowledge gap and identifying priority areas for creating additional training," said Christopher "CRob" Robinson, Intel, co-chair of the OpenSSF Education Special Interest Group and chair of the OpenSSF Technical Advisory Council.

Organizations need a variety of language-agnostic courses to fill educational gaps and help IT staff better address secure software development.

News URL

https://www.helpnetsecurity.com/2024/07/19/devs-secure-coding-practices/