Who is responsible for Code Security?

It’s October, which means it’s Cyber Security Awareness Month (CSAM)!

To kick off CSAM in the Sonar Community, we want to focus our first Clean Code Discussion of the month (and likely a few more) on the topic of Code Security.

At Sonar, we strongly believe that developers should own Code Security, which is why we build our products for developers – who are closest to the code and can have the most impact.

And this is a relatively new paradigm: many organizations are used to having dedicated security teams who are responsible for Code Security, or only performing security audits long after the code has been delivered into production.

We want to know – what does this look like where you’re developing software? Do developers own Code Security? Somebody else? Is it a shared responsibility?


I would like to ask you a question. It looks like you have a lot of experience in cyber security. How can we increase cyber security?