We recently published the State of Software Security Developer Guide, based on real application security testing data. Among the key takeways, the data in the report offers strong evidence that eLearning, security training, and DevSecOps practices have a positive effect on developers’ effectiveness at fixing flaws in their code. In this episode of the AppSec in Review podcast, Evan Schuman and CA Veracode’s Pete Chestna discuss the report’s key points, including what developer mitigations say about how developers respond to security findings.
Listen to the 10-minute podcast to hear Pete’s take on what the research shows about developers’ security skills, their responsiveness to security assessments, and secure development best practices. Download the State of Software Security Developer Guide for a comprehensive view of the research and what it means for developers.[nid-embed:26926]
*** This is a Security Bloggers Network syndicated blog from RSS | Veracode Blog authored by firstname.lastname@example.org (jzorabedian). Read the original post at: http://www.veracode.com/blog/managing-appsec/appsec-review-podcast-how-developers-respond-security-findings