{"id":559,"date":"2025-03-26T20:12:14","date_gmt":"2025-03-26T20:12:14","guid":{"rendered":"https:\/\/www.techrepublic.com\/?p=4299844"},"modified":"2025-03-26T20:12:14","modified_gmt":"2025-03-26T20:12:14","slug":"developer-perspectives-on-improving-appsec","status":"publish","type":"post","link":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/","title":{"rendered":"Developer Perspectives on Improving AppSec"},"content":{"rendered":"<h2><span class=\"ez-toc-section\" id=\"Analyzing_the_Results_of_Jits_Developer_Survey\"><\/span>Analyzing the Results of Jit\u2019s Developer Survey<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Even in companies with large, dedicated security teams, a successful AppSec program begins and ends with developers. Dev teams face many hurdles in their quest to write secure code and resolve code security issues, including complex app architectures, a lack of time and training, and an organization that prioritizes release speed over security. To uncover these pain points and learn how companies can better support dev teams, Jit conducted a survey of 150 developers across industries and company sizes to ask what developers think about AppSec in 2025. Let\u2019s dive into the results.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Overcoming_the_Biggest_AppSec_Challenges\"><\/span>Overcoming the Biggest AppSec Challenges<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When asked to rank the biggest code security challenges, developers selected the <strong>complexity of modern app architecture<\/strong> as their top choice. They defined complexity in a variety of ways, including understanding the security nuances of many different services and technologies, managing the security of many different integrated services, and mitigating known vulnerabilities within interconnected dependency chains. These complexities are more difficult for developers to overcome due to a <strong>lack of knowledge, training, and guidelines, a lack of organizational priority, and a lack of time<\/strong>, the next three top-ranked challenges.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4299897\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges.png\" alt=\"The biggest challenges faced when it comes to securing code.\" width=\"745\" height=\"496\" srcset=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges.png 745w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges-300x200.png 300w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges-50x33.png 50w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges-370x246.png 370w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges-270x180.png 270w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges-740x493.png 740w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/appsec-challenges-540x360.png 540w\" sizes=\"auto, (max-width: 745px) 100vw, 745px\"><\/p>\n<p>One way to help reduce complexity is by utilizing an automated security testing platform that unifies all the different scanners needed for AppSec in one place. For example, Jit combines 10 out-of-the-box scanners along with custom tests in a single platform. It works across all major programming languages and cloud infrastructures to reduce integration headaches. Jit also uses the runtime context of detected security issues to triage and prioritize each risk, providing simplified dashboards where developers can easily view and mitigate vulnerabilities. Jit even provides automated fix suggestions so developers can quickly resolve issues with one click, even without specialized security training.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Automated_Tools_to_Help_Developers_Secure_Their_Code\"><\/span>Automated Tools to Help Developers Secure Their Code<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When asked what they believe are the most impactful strategies to secure their code, developers ranked <strong>automated testing (SAST, SCA, Secrets detection) in the CI\/CD pipeline or IDE<\/strong> at the top by a clear margin.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4299898\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools.png\" alt=\"Ranking of what developers believe are the most impactful strategies to secure their code.\" width=\"735\" height=\"527\" srcset=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools.png 735w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-300x215.png 300w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-50x36.png 50w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-370x265.png 370w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-270x194.png 270w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-540x387.png 540w\" sizes=\"auto, (max-width: 735px) 100vw, 735px\"><\/p>\n<p>Developers were also asked how their company supports them in building secure applications, and the top answer was <strong>implemented security scanners<\/strong>. These results indicate that most developers already have automated security tooling in place and find these solutions more helpful than manual code reviews, security awareness programs, and other measures that take up precious time. Automated scanners don\u2019t just save time; they also frequently catch issues that human reviewers might miss.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4299899\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-2.png\" alt=\"Results from developers who were asked how their company supports them in building secure applications.\" width=\"698\" height=\"462\" srcset=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-2.png 698w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-2-300x199.png 300w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-2-50x33.png 50w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-2-370x245.png 370w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-2-270x179.png 270w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/automated-tools-2-540x357.png 540w\" sizes=\"auto, (max-width: 698px) 100vw, 698px\"><\/p>\n<p>However, automated scanners can create additional complexity if not properly integrated into the CI\/CD pipeline or development environment. Many solutions are also known for generating a large number of false positives that developers have to sort through to prioritize the real risks.<\/p>\n<p>In addition to providing seamless integrations with development and security tools, Jit\u2019s automated testing platform helps reduce complexity with Contextual Prioritization. This feature prioritizes code and cloud security issues based on their runtime and business context, providing automated risk scoring to help developers separate the signal from the noise and reduce false positives.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"How_Dev_Teams_Overcome_Knowledge_Gaps\"><\/span>How Dev Teams Overcome Knowledge Gaps<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Developers usually aren\u2019t security experts, so it\u2019s important to understand where they go to answer code security questions. Interestingly, many developers turn to outside sources, including <strong>online documentation<\/strong> from vendors and trade publications as well as <strong>forums, blogs, and communities<\/strong> like Stack Overflow and Reddit.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4299900\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/overcome-knowledge-gaps.png\" alt=\"Graph showing results of the question posed to developers: &quot;Where do you go to answer code security questions?&quot;\" width=\"725\" height=\"402\" srcset=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/overcome-knowledge-gaps.png 725w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/overcome-knowledge-gaps-300x166.png 300w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/overcome-knowledge-gaps-50x28.png 50w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/overcome-knowledge-gaps-370x205.png 370w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/overcome-knowledge-gaps-270x150.png 270w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/overcome-knowledge-gaps-540x299.png 540w\" sizes=\"auto, (max-width: 725px) 100vw, 725px\"><\/p>\n<p>These sources don\u2019t appear to be enough to help dev teams overcome code security knowledge gaps based on the answers to the following question:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4299901\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/knowledge-gaps-2.png\" alt=\"A graph displaying poll results from developers.\" width=\"730\" height=\"431\" srcset=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/knowledge-gaps-2.png 730w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/knowledge-gaps-2-300x177.png 300w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/knowledge-gaps-2-50x30.png 50w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/knowledge-gaps-2-370x218.png 370w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/knowledge-gaps-2-270x159.png 270w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/knowledge-gaps-2-540x319.png 540w\" sizes=\"auto, (max-width: 730px) 100vw, 730px\"><\/p>\n<p>Only 7% of participants strongly agree that they can consistently and independently deliver secure code, indicating a need for better tooling and resources. For example, Jit\u2019s platform provides a simplified developer UX that integrates the entire code security scanning and remediation process into the dev environment. It provides automatic feedback on the security of every code change and offers automatic remediation, making it easy for developers to proactively and independently secure their code.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Getting_Developers_More_Involved_in_Security\"><\/span>Getting Developers More Involved in Security<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When asked how frequently they\u2019re involved in application security-related activities during the development lifecycle, such as security reviews, issue resolution, and threat modeling, a whopping <strong>62% of participants<\/strong> responded with a few times a year or never. While initially surprising, this result makes sense when compared to question number one \u2013 with a lack of time, training, and organizational prioritization, it\u2019s no wonder that developers aren\u2019t more involved. Participants specifically noted that security is frequently deprioritized in favor of feature delivery.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4299902\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved.png\" alt=\"Poll asking developers how frequently they\u2019re involved in application security-related activities during the development lifecycle.\" width=\"746\" height=\"403\" srcset=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved.png 746w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-300x162.png 300w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-50x27.png 50w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-370x200.png 370w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-270x146.png 270w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-740x400.png 740w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-540x292.png 540w\" sizes=\"auto, (max-width: 746px) 100vw, 746px\"><\/p>\n<p>Developers were asked to describe the collaboration between their company\u2019s development and security teams, and most reported moderately positively. Only 8% of participants described their collaboration as excellent and without need for improvement.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4299911\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-2.png\" alt=\"Graph of poll results on collaboration between a company's development and security teams.\" width=\"720\" height=\"457\" srcset=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-2.png 720w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-2-300x190.png 300w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-2-50x32.png 50w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-2-370x235.png 370w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-2-270x171.png 270w, https:\/\/assets.techrepublic.com\/uploads\/2025\/03\/getting-developers-involved-2-540x343.png 540w\" sizes=\"auto, (max-width: 720px) 100vw, 720px\"><\/p>\n<p>A lack of involvement and only moderate collaboration become more alarming in relation to the results of the next question. When asked how strongly they agree or disagree with the following statement: \u201cI have full visibility into the security of my services and the most critical security vulnerabilities that need to be resolved,\u201d <strong>47% of developers<\/strong> did not agree to some extent.<\/p>\n<p>What\u2019s needed is a platform like Jit that puts AppSec into the hands of developers without adding friction to their workloads. Jit\u2019s dev-native UX, automated remediation, and simplified dashboards give developers full visibility and control over code security while meeting accelerated delivery schedules.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Improving_the_Security_Culture_Within_Dev_Teams\"><\/span>Improving the Security Culture Within Dev Teams<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The results of the previous questions all highlight a lack of security culture within development teams, and when asked directly to describe the security culture, developers agreed. <strong>61% of participants<\/strong> responded that security is only \u201csomewhat important\u201d or not a priority at all in their culture, and AppSec wasn\u2019t integrated into their routines. There was a correlation between a stronger security culture and developer confidence in their ability to deliver secure code, showing how important it is for organizations to balance priorities between security and delivery.<\/p>\n<p>Jit\u2019s unified testing platform and dev-friendly UX help organizations implement an automated and practical AppSec program that is simpler for developers to adopt. It\u2019s easy integrations and one-click activation make it less difficult to prioritize security while also delivering new features on schedule.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Jit_Helps_Developers_Consistently_and_Independently_Deliver_Secure_Code\"><\/span>Jit Helps Developers Consistently and Independently Deliver Secure Code<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Jit helps developers secure their own code while reducing complexity with a unified platform of more than 10 out-of-the-box security scanners. By fully integrating into CI\/CD pipelines and developer environments, it reduces the friction between dev and security and improves the impact that automatic testing has on developer workloads. Jit\u2019s Context Engine helps developers triage and focus on high-risk issues while filtering out the false positives, allowing them to meet day-to-day AppSec requirements while delivering features quickly. Jit\u2019s unified testing platform and simplified dashboards enable organizations to prioritize security without delaying development cycles.<\/p>\n<p>To Gain More Insights, Download Our Report: <a href=\"https:\/\/www.jit.io\/survey\" target=\"_blank\" rel=\"noopener nofollow sponsored\">What Developers Think About Security in 2025 \u2013 and Why It Matters<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Analyzing the Results of Jit\u2019s Developer Survey Even in companies with large, dedicated security teams, a successful AppSec program begins and ends with developers. Dev teams face many hurdles in their quest to write secure code and resolve code security issues, including complex app architectures, a lack of time and training, and an organization that [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":560,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-559","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Developer Perspectives on Improving AppSec - TecnoArtesanos Tech Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Developer Perspectives on Improving AppSec - TecnoArtesanos Tech Blog\" \/>\n<meta property=\"og:description\" content=\"Analyzing the Results of Jit\u2019s Developer Survey Even in companies with large, dedicated security teams, a successful AppSec program begins and ends with developers. Dev teams face many hurdles in their quest to write secure code and resolve code security issues, including complex app architectures, a lack of time and training, and an organization that [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/\" \/>\n<meta property=\"og:site_name\" content=\"TecnoArtesanos Tech Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-03-26T20:12:14+00:00\" \/>\n<meta name=\"author\" content=\"Sergio Morales\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sergio Morales\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/\",\"url\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/\",\"name\":\"Developer Perspectives on Improving AppSec - TecnoArtesanos Tech Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/developer-perspectives-on-improving-appsec.png\",\"datePublished\":\"2025-03-26T20:12:14+00:00\",\"author\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#primaryimage\",\"url\":\"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/developer-perspectives-on-improving-appsec.png\",\"contentUrl\":\"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/developer-perspectives-on-improving-appsec.png\",\"width\":745,\"height\":496},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.tecnoartesanos.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Developer Perspectives on Improving AppSec\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#website\",\"url\":\"https:\/\/blog.tecnoartesanos.com\/\",\"name\":\"TecnoArtesanos Tech Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.tecnoartesanos.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807\",\"name\":\"Sergio Morales\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g\",\"caption\":\"Sergio Morales\"},\"sameAs\":[\"https:\/\/sergiomorales.space\"],\"url\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/author\/sergiomorales\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Developer Perspectives on Improving AppSec - TecnoArtesanos Tech Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/","og_locale":"en_US","og_type":"article","og_title":"Developer Perspectives on Improving AppSec - TecnoArtesanos Tech Blog","og_description":"Analyzing the Results of Jit\u2019s Developer Survey Even in companies with large, dedicated security teams, a successful AppSec program begins and ends with developers. Dev teams face many hurdles in their quest to write secure code and resolve code security issues, including complex app architectures, a lack of time and training, and an organization that [&hellip;]","og_url":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/","og_site_name":"TecnoArtesanos Tech Blog","article_published_time":"2025-03-26T20:12:14+00:00","author":"Sergio Morales","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Sergio Morales","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/","url":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/","name":"Developer Perspectives on Improving AppSec - TecnoArtesanos Tech Blog","isPartOf":{"@id":"https:\/\/blog.tecnoartesanos.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#primaryimage"},"image":{"@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/developer-perspectives-on-improving-appsec.png","datePublished":"2025-03-26T20:12:14+00:00","author":{"@id":"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807"},"breadcrumb":{"@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#primaryimage","url":"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/developer-perspectives-on-improving-appsec.png","contentUrl":"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/developer-perspectives-on-improving-appsec.png","width":745,"height":496},{"@type":"BreadcrumbList","@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/developer-perspectives-on-improving-appsec\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.tecnoartesanos.com\/"},{"@type":"ListItem","position":2,"name":"Developer Perspectives on Improving AppSec"}]},{"@type":"WebSite","@id":"https:\/\/blog.tecnoartesanos.com\/#website","url":"https:\/\/blog.tecnoartesanos.com\/","name":"TecnoArtesanos Tech Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.tecnoartesanos.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807","name":"Sergio Morales","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g","caption":"Sergio Morales"},"sameAs":["https:\/\/sergiomorales.space"],"url":"https:\/\/blog.tecnoartesanos.com\/index.php\/author\/sergiomorales\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/posts\/559","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/comments?post=559"}],"version-history":[{"count":0,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/posts\/559\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/media\/560"}],"wp:attachment":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/media?parent=559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/categories?post=559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/tags?post=559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}