By: Paul Farrington, chief product officer, Glasswall
September 14-20 marks National Coding Week — a time to celebrate the ever-increasing impact of coding across all industries and organizations around the world. In today’s digital world, it is more important than ever to encourage people of all ages to get involved in software development.
There is an abundance of choice and diversity in how a developer can leverage software components, cloud services and deployment patterns today. There’s probably never been a more exciting time to create software. Although, because there is so much freedom of choice for developers, with this comes a degree of security risk.
For developers, a simple but crucial first step in securing code is to turn on automated scanning of third-party components, so that any vulnerable code is flagged immediately. There are plenty of cost-effective software composition analysis (SCA) solutions available for this, and some are free.
One of the most important aspects of software development when it comes to achieving ‘secure by design,’ is to ensure developers have the tools they need at the time they are writing code, as they are still in-context. Deploying security tools sometime after, when a developer may have closed their laptop for the day, or even completed the whole project, is far too late.