Tag

Devops

Browsing

The software development landscape changes constantly. New areas of specialization, technologies, and methodologies pop into existence every few months, forged by the relentless innovation of the software industry. With it, terms to describe specialized types of developers become part of the unofficial industry lingo and show up in job ads and corporate titles.

Before the existence of the internet, many of these specializations didn’t exist. The worldwide web has shifted most aspects of our lives, including revolutionizing the career paths of software engineers.

There isn’t an official industry glossary of terms. Understanding the skills that each type of developer needs to have is confusing to newcomers, and can be intimidating to non-technical people.

The cheat sheet below highlights the 3 major It Developer categories

Other tiers similar to frontend, backend and full-stack developer include Middle-Tier Developer,   which is a developer who writes non-UI code that runs in a browser and often talking to non-core code running on a server. In general, middle tier is the “plumbing” of a system. The term middle-tier developer is used to describe someone who is not specialized in the front-end or the back-end but can do a bit of both, without being a full stack developer. Only rarely engineers have this as a title, as it is more of a description of a skill set than a career path.

 

In the cybersecurity world today, with cybercriminals operating like a penetration tester in the way they scope out the network looking for vulnerabilities and weak entry points, those responsible for IT security will once again need to adjust their strategy and defenses. The Sophos 2019 Threat Report detailed how criminals are now “staking out” victims, moving laterally throughout the network, manipulating internal controls to reach their objectives with stealth. As endpoint protection has improved, so criminals are on the lookout for the next weak entry point. The focus can no longer be on protection and detection, but also intelligent and automated response that provides lateral movement protection to isolate an attack moving through the network. Sophos CISO Ross McKercher outlines the Top 5 Cybersecurity Predictions for 2019.
With cyber criminals constantly on the lookout for weak entry points, the cybersecurity focus needs to shift from protection and detection to intelligent and automated responses that isolate a cyberattack.
  1. Security teams will need more development and engineering skills

Security teams used to focus on firewalls and endpoints and many security professionals cut their teeth as system and network administrators. Nowadays infrastructure is defined by code, breaches are increasingly caused by weak applications and automation is essential for under-staffed teams. This is changing the skillset required by security pros. We now also need to have a deep understanding of applications and an ability to build automation into our tools and processes.

  1. Organisations will up their focus on software supply chains

Everyone relies a huge amount nowadays on Open-source libraries that are often maintained very informally by loose-knit communities that are easy to infiltrate. This used to be the domain of nation states but the criminals are getting in on the action.

  1. AppSec will continue to grow

We are getting better at protecting Endpoints and attackers are shifting their focus. Legacy applications will continue to be a fertile hunting ground!

  1. Threat Hunting really will be driven by ML

Bit of a cliché but ML will no longer be something that you just buy. Tools & techniques that were previously the domain of data science experts are getting easier to use. Won’t be long before larger SOC teams are using the tools directly rather than via models that are embedded in products.

  1. Zero-trust starts to become achievable

The tools, knowledge and technologies for achieving a true Zero-trust architecture are rapidly maturing. Maybe like nuclear fusion – 15 years away and always will be but 14 years after the Jericho forum declared the end of the network perimeter we are getting close the point where many enterprises have a realistic chance of keeping their clients off “trusted” networks, particularly non-technical employees.

Source: DataQuest