Don't Be A Naive Developer: How To Avoid Basic Cybersecurity Mistakes
A developer used their personal email for work. A simple social engineering attack later, all client credentials were stolen.
#1 about 2 minutes
Why developers make basic cybersecurity mistakes
The talk will cover common security errors made by developers, the importance of correct terminology, and the conflict between functionality and business risk.
#2 about 6 minutes
Moving beyond the "it just works" developer mindset
Developers must shift from prioritizing simple functionality to understanding the underlying infrastructure and building secure, robust solutions from the start.
#3 about 3 minutes
Differentiating between a developer and a programmer
A developer has a broader range of responsibilities including project management, whereas a programmer is focused on specific coding tasks.
#4 about 4 minutes
Understanding the internet's inherent insecurity
Core internet protocols like DNS and BGP were not built for security, and human behavior is a far greater risk than the technology itself.
#5 about 3 minutes
A social engineering attack using a personal email
A simple social engineering attack demonstrates how using personal email for business communication creates significant security vulnerabilities.
#6 about 6 minutes
Five common cybersecurity mistakes developers make
Developers often exhibit risky behaviors like overconfidence, poor password management, account sharing, and improper use of third-party libraries.
#7 about 4 minutes
The clash between business pressure and security reality
Business pressures often force developers to launch products with known bugs or security flaws simply to meet deadlines and get paid.