Assuming that developers are lazy about security is unfair. In fact, a recent DZone survey of 540 developers about application security indicated 54 percent think that they, the developers, should be responsible for security. If you’re a security pro, you probably just groaned.
Developers care about security, just not to the same degree as their information security counterparts. Security is just one of many considerations while the infosec team is continuously focused on testing and compliance. In fact, according to the same DZone survey, 60 percent said that release schedules have overridden security concerns at their organization.
The complete article can be found here.
