Skip to content

Cybersecurity Tips for Developers

Posted by: GuidePoint Security

2 min read

July 23, 2022 – Published on DevPro Journal

Software developers should keep the following four trends in mind when it comes to securing their solutions.

1. Shift to the Zero Trust Model

More businesses are moving to the Zero Trust model; however, as Joe Leonard, CTO and VP of Security Strategy at GuidePoint Security, points out, it also takes a shift in culture and adapting processes to be effective.

“The traditional security model operated with implicit trust where everything was allowed unless it was known to be bad. Zero Trust implements a granular least privilege per-request access, where only those specified as needing access get access,” he says. “Organizations need to educate their employees on why the shift to Zero Trust is needed and relate it to how it can help them be more productive. At the end of the day, employees are focused on doing their jobs much more so than on prioritizing security. It’s critical to educate users on this shift and help them understand how this will ultimately allow them to be more efficient in their job responsibilities.”

He adds, “Transitioning from the traditional cybersecurity approach to one based on a Zero Trust model, also requires a shift from a manual, static environment to one with more automation and integration of processes and systems that enables dynamic policy enforcement based on a user’s behavior in real-time to determine access. It’s important to build in as much automation as possible so that controls are transparent to the end users.”

2. Leverage Threat Modeling

Victor Wieczorek, VP, AppSec and Threat and Attack Simulation at GuidePoint Security, predicts, “Threat modeling is front and center in 2022 from an AppSec perspective. Not only is it now part of the OWASP Top 10, but the earlier you can identify design-related flaws and potential threats, as well as implement effective compensating security controls to mitigate those threats, the better you will be from both a security personnel’s and an application owner’s perspective.”

Read More HERE.

Categories: Cybersecurity News

GuidePoint Security

Zero Trust: Keep Watching the Skies
For the past 20 years, the idea of ‘trust’ in the world of information security was the reason for deciding […]
Download

Related Articles

View All

  • Identity & Access Management
Zero Trust: Keep Watching the Skies
Read More < 1 min read
  • Application Security
Application Threat Modeling
Read More < 1 min read
  • Cybersecurity
Zero Trust Workshops
Read More < 1 min read