I am an active member of the open source community in India and we regularly have summits in Mumbai, Delhi, Bangalore in India. I am forwarding this to the organizers. This is definitely a pretty useful information source.
Hey Sam, great post. You are definitely right on the money when you mention about security debt. However I would like to believe that the onus is just not on the developers to not ensure security debt but also on the companies involved.
In the race to get a minimum viable product (MVP) to the market, a lot of companies force their devops teams to leave out the finer details and work on bugs as they occur.
This is what comes to haunt them back in future but then again it is a tough choice that businesses have to make - Do they build out a product with an extremely strong base which may potentially delay market launch, lead to more time spend or escalate costs or do we launch a product and then work on fixing it.
Authored Comments
I am an active member of the open source community in India and we regularly have summits in Mumbai, Delhi, Bangalore in India. I am forwarding this to the organizers. This is definitely a pretty useful information source.
Hey Sam, great post. You are definitely right on the money when you mention about security debt. However I would like to believe that the onus is just not on the developers to not ensure security debt but also on the companies involved.
In the race to get a minimum viable product (MVP) to the market, a lot of companies force their devops teams to leave out the finer details and work on bugs as they occur.
This is what comes to haunt them back in future but then again it is a tough choice that businesses have to make - Do they build out a product with an extremely strong base which may potentially delay market launch, lead to more time spend or escalate costs or do we launch a product and then work on fixing it.