Summer’s longer days and slower pace invite us to pick up a book, follow our questions, and try our hand at something new.
At Veracode, I get the chance to talk with our developers about the experiences that led them to the work they do today. How did they begin to cultivate the security-mindedness that they bring to their coding? Was it a book they stumbled upon, a salient moment in the wake of a security incident, the guidance of a mentor, or a podcast that drew them in? What sparked their interest in doing things differently?
We think a lot about developers, curious but unsure, staring out at the sea of information security knowledge. It can feel overwhelming trying to orient yourself to something so wide and deep. To help developers begin, we put together some of the favorite books, podcasts, blogs, and hands-on exercises of Veracoders across our development, security, and product teams. From a just-published page-turner to classic Phrack articles, there’s something here for everyone who is interested in becoming more security-minded.
My favorites on the list include the hands-on exercises recommended by Sarah Gibson, one of our application penetration testers, and a walk through some information security classics with Senior Principal Software Engineer Dan Murphy (to read the full Dive Into the Classics, please see Dan's post.
So dip your toe in or take a deep dive—happy summer and happy learning!
This is a companion discussion topic for the original entry at http://www.veracode.com/blog/secure-development/summer-reading-and-listening-dive-developers