This week it was my turn. Reluctantly I committed to the task in the daily stand up and started testing the application. I found a first bug and a strange thing happened. It felt great to find a bug. I found 11 bugs that day and I felt great about it! Normally when I find a bug this is a demotivational thing for me, because someone (often me) didn’t do his job properly, someone (possibly me) has to find some time to fix this. Not fun.
But being “The Tester” changed the game. It was my task to find bugs. The team agreed that it was a good thing to find bugs. It was fun and felt productive and since I found lots of bugs it was productive.
My recommendation for today: Don’t just do the task, be the one in charge of getting this task done and getting it done well.
Best practices for all organizations that would like to produce more secure applications!
As part of the software development process, security professionals must make choices about where to invest their budget and staff resources to ensure that homegrown applications are as secure as possible. ESG research found organizations that are considered security leaders tend to make different choices than other firms.