What is Security in the Community?
This is a guide that shows developers how to improve learning about security using online Q&A sites like Stack Overflow.
Why should I use this?
Developers can find it hard to engage with security; it’s typically taught in terms of checklists and things that can go wrong, and that's hard to relate to. Especially when there are no security experts available, developers—especially programmers—have few options other than to learn from the web, and services like Stack Overflow have a worrying reputation for delivering poor security advice.
These materials show how your developers can learn effective security from such services, by selecting good advice and engaging with other users.
How can it be used?
The pack includes the guide in three versions, that provide tips and information in different levels of detail. We suggest you make them all available to the developers in your team, to use in their own time:
- When they have five minutes, using the web version;
- As poster to read in the coffee break; or
- As a video displayed on an open screen.
This activity might be right for you if you want:
- A simple way to help developers;
- Continued education in the workplace; or
- To bring online security conversations into your team discussions and practice.