What do you do with a software engineer that writes very insecure code?

Posted by The Rook on Stack Overflow See other posts from Stack Overflow or by The Rook
Published on 2010-04-14T01:43:02Z Indexed on 2010/04/14 1:53 UTC
Read the original article Hit count: 296

Filed under:

security

I am the manager of a small team of software engineers. One member of this team write very insecure code. I have tried showing him documentation like the OWASP Top 10, but he just doesn't get it. I can't knowingly put vulnerable code into production. So what do I do with this programmer?

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More

Developer IT

What do you do with a software engineer that writes very insecure code? - Developer IT

What do you do with a software engineer that writes very insecure code?

security

Related posts about security

sudo apt-get update errors

The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

StackOverFlowError while creating Mac object on AS400/Java

Google App Engine - Spring Security Issue (java.security.AccessControlException)

Categories cloud