BOOK THIS SPACE FOR AD
ARTICLE AD2. August 2021
This article has been indexed from Security Boulevard
This interview was cross-posted from the Veracode Community.
With his third consecutive championship in the Secure Coding Challenge – the monthly coding competition in the Veracode Community – Hans Dam is the first in the community to clinch the title of Secure Code Champion. We spoke with him about his experience in the coding competitions and his career growth from a software developer to a DevSecOps manager.
As DevSecOps manager currently working at Explorance, Hans manages the DevOps and AppSec teams and is responsible for managing internal application security scans, improving internal processes with automation, and developing tools for deployment and monitoring. His strong passion for DevOps and automation is at the core of his current role.
What makes Hans the first Secure Code Champion and how did he get application security under his belt? In this interview, Hans shares his takeaways from the Secure Coding Challenges and his advice for developers looking to break into the security world.
About your experience in the Secure Coding Challenge
What brought you to Veracode’s Secure Coding Challenge?
The company I work for, Explorance, was offered a demo of Veracode Security Labs, and I found the gamification aspect of Security Labs exciting. Unfortunately, during the demo, we did not set it up as a competition. Because of this, when Veracode announced a competition involving security best practices and programming, I was hooked.
What did you find most valuable in participating in the Challenge?
I really like the diversity of programming languages and frameworks used in Veracode Security Labs. I had not touched Go, Flask, or Scala code before I participated in the Secure Coding Challenges. Additionally, it’s always nice to brush up on the basics including OWASP TOP 10 vulnerabilities.
What’s your suggestion for participants to stand out in the competition?
Know that you don’t have to complete every step described in each Lab. For example, if you make a code change you don’t always have to run and test your solution. Many times, it is enough to simply save the file.
About your experience becoming a DevSecOps Engineer
How have you grown from a software developer into a DevSecOps engineer? What are the skillsets and knowledge required for this career change? How did you acquire those skills?
I started at Explorance as a software developer, devel
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.