"2017: Security Was Not an Afterthought"
Recent major industry breaches emphasize the importance of implementing security into the software development and software operation (DevOps) process. However, developers lack the skills to perform secure coding due to inadequate security education, according to CA Veracode and DevOps.com’s 2017 DevSecOps Global Skills Survey. Organizations are encouraged to provide developers with proper security training beyond what it is offered by formal education in order to keep up with the constantly evolving threat landscape. This article further discusses the need for increased support for security education, the concept of DevSecOps, analytics, the top 10 most critical web application security risks highlighted by OWASP, predictions pertaining to security assessments, and technologies that will pose the biggest threats in 2018.