5

Question - my field is information security (or cyber security if you want to think of me as a time lord), but I wanted to know:
Front-end and back-end devs, how much time do you spend on security issues and/or implementing security measures?

Comments
  • 2
    As long as you don't deal with other people's stuff - idc about security. Anyone can view/download anything from my webserver, search files in my games etc.

    But when it comes to making an email list for example, those need to be secure. But I'm not good with that - and I don't really have such a project..
  • 4
    Security guy here as well. Commenting for future comments!
  • 0
    Quite a lot of time while bootstrapping. I'd say about a day for a simple scenario, a week for multiple authentication options, authorization management, seamless model deserialization / validation from user input.
    This does not include securing the server itself. Stuff like setting up SSL, VPNs, DNS and the rest aren't really my turf so I won't even know when I'm doing something wrong in terms of security.

    How bad is it?
  • 1
    I always use high security standards for my websites. I used to tweak the security of the backend a lot. But now I use Firebase most of the time, so that's taken care of.
  • 3
    I concatenate SQL queries with + and have no intention of stopping
  • 0
    Following @Linuxxx and his idea... want to know the future answers...
  • 0
    I care a lot about security. I prefer taking a bit longer to be sure the code is safe.
    But sometimes the client wants you to work with WordPress, I can't write code to make that more secure.

    At my work I'm forcing SSL, frameworks with safety features and multiple talks with fellow devs about the login structure and saving data to avoid any leaks.
  • 0
    I try to always keep security in mind when working on endpoints or UI. But I feel good security practices are often neglected in education. Can any of you it-sec guys recommend a good in-depth read on what to keep an eye on during development?
  • 0
    @sylflo thanks, I know the basics. I'm just interested in a more in-depth read
  • 0
    I only asked as I used to do security stuff (db access, CSRF and SQL injection protection) for my own web related projects but I've now pivoted to infosec. Responses were lovely. Dankeschön!