Software Integrity Blog


7 ways software developers can upgrade their skills in 2016

The demand for highly skilled, qualified software developers is growing at a rapid rate. In fact, the market for developers is expected to grow 17% within the next 10 years, much faster than the demand growth of other occupations.

While job opportunities may be easier to come by, software engineering is becoming an increasingly competitive field where differentiation is critical. With the wide variety of language and platform choices available to developers today, it can be difficult to determine where to invest your time and energy. Let’s start with some basics:

Know what you don’t know

No one has time to achieve proficiency across every language and in every framework. Learn your strengths and identify a few areas for improvement. Maybe you want to learn a new programming language like Python, C#, Ruby, or JavaScript (which just so happen to round out the top salary-earning languages according to the 2015 Course Report).

Perhaps you want to learn a couple few tricks to save you time, or find a new open source library to eliminate some of your more monotonous tasks. Focus on small goals that are meaningful to you right now.

Take advantage of the resources that are available to you and keep yourself up to date and stay involved in the latest industry news. Developer blogs from some of our favorites authors such as Paul Irish, John Resig, and Dan Shaw, update their blog streams regularly with industry news and relevant conversation.

We also recommend social media sites like Twitter and Stack Overflow, and even training courses offered by your company. Team Treehouse, Code Academy, Code School, and Full Stack Academy of Code have a wide assortment of classes and boot camps to help you amped up your skills.

Knowing what you don’t know will focus your attention to the areas that matter the most to your personal growth and improvement that reach beyond just coding language and frameworks.

Never be the smartest person in the room

Developers are constantly surrounded by other intelligent, like-minded individuals. Why not tap into the knowledge of those sitting right next to you? Collaboration is a great way to learn from other software developers and allows you to diversify the ways you accomplish tasks.

Pair programming is an excellent way to improve developer skills, but not always practical. Luckily, there are dozens of collaboration tools available, from Slack and HipChat to Stack Overflow. Many of these products are designed to let you get solicit feedback while you’re in the middle of a project or tackling a particularly tough problem.

Safer apps: Yes you can!

Most developers don’t see security as a skill, but it is. Done well, writing securely actually allows you to write code faster, and eliminates final-hour edits or worse, releasing a code base that’s easy to break into.

These skills are increasingly in demand, and an easy way to set yourself apart in a complicated and competitive job market. A 2015 survey run by Kaspersky Lab and B2B International found that 90% of companies surveyed admitted to experiencing a security “incident” and 46% of the same companies confirmed that they had lost sensitive data to an internal or external threat. These types of incidents are costly to organizations and cost an estimated $38,000 – $551,000.

Developers who can help prevent these kinds of incidents are inherently valuable to companies, particularly those in traditionally risk-averse industries like healthcare and finance.

  1. Study success stories
    Every company, everywhere, struggles with security. There is no reason to waste valuable time reinventing the wheel, when expert guidance is already available for you. We recommend helpful tools such BSIMM. BSIMM shows you how real world security initiatives are organized so you can evolve your efforts over time.
  2. Know your stack
    Software developers are not naive, so it is critical to recognize that there is no technology that is free from security problems. In today’s world of open source software, the threat is ever rising. Take the necessary time to take an inventory of your stack and learn the risks inherent to each framework, language, third-party service, and OSS.
  3. Add security to your “definition of done”
    Writing “use” cases is part of your daily process, so why not incorporate the practice of writing “abuse cases”? Train your brain to start thinking like an attacker. Ask yourself questions like “Why would someone want to exploit my code?” and “How would they go about breaking in?” Put your hacker hat on and start building security into your application.
  4. Take a course
    It sounds crazy, we know. When would you possibly have the time to take a course? Let’s rethink the way we approach our higher education, and make a commitment to at least an annual training. We recommend tools that incorporate and reinforce training regularly and continuously. Learning security best practices is a lot easier when you are actually writing the code.
  5. Add a tool to your development process
    Code reviews are great, but can be infrequent and inconsistent. We recommend you look for a tool that automates code reviews and integrates with your build process or—even better—your IDE. This will save you hours of triaging and catch 80% of the easy issues before they leave your dev environment.

Zoom in on defects in your IDE with Coverity.


More by this author