The Quick Wins of DevSecOps


Hello and welcome to my DevSecOps post. Here in Germany, it's winter right now, and the forests are quiet. The snow slows down everything, and it's a beautiful time to move undisturbed through the woods.

Here you can pursue your thoughts, and I had to think about a subject that customers or participants at conferences ask me about repeatedly.

The question is almost always:

What are the quick wins or low-hanging fruit if you want to deal more with the topic of security in software development?

And I want to answer this question right now!

Let's start with the definition of a phrase that is often used in the business world:

Make or Buy

Even as a software developer, you will often hear this phrase in meetings with the company's management and sales teams.

The phrase is "Make or Buy." Typically, we have to decide whether to build something ourselves or spend money to buy the requested functionality. What we buy may offer less, more, or simply different functionality, so we have to adapt in order to use it in our context.

As software developers, we have to deal with the same question every day. I am talking about dependencies. Should we write the source code ourselves or just add the next dependency? Who will be responsible for removing bugs, and what is the total cost of this decision? But first, let's take a look at the make-or-buy question across the full tech stack.
