If you are a developer, software engineer, architect, or in any other software development role, you must always be concerned about security. It is something you should consider from the first diagrams until your software reaches end of support.
Unfortunately, some teams delegate responsibility for security to the security team. I understand that they are responsible for security. Still, they should be the last gate, identifying only a few complicated issues.
Other groups delegate this responsibility to the security analyzers running in the CI/CD pipeline. Still, the analyzers should not be there to tell you what your job is. They should be there to certify that you did your job…
This article was written by Daniel Bojczuk. Read the full article on the WAES Medium blog.