Usually devs don’t care much about security, and that has probably different reasons:

Focus on security itself doesn’t pay the bills Not always clear what being secured means Security =! my code is properly tested Often comes as an annoying byproduct of ISO27001/SOC2

But attacks and data breaches are becoming way more common, and DORA, NIS2 and the law obligation to publicly share data breaches are trying to bring the companies’ attention (and budget) back to this topic.

Leaving the legalise aside, during this talk we will cover these topics

Some real examples Your code CI/CD Your app Your production environment Framework to assess your security posture Where to Start