Security engineering and software engineering teams have much to learn from each other, as two Salesforce employees learned in a “professional role reversal” that taught them how both teams can work together more efficiently and better collaborate on building secure software.
As part of the swap, reported by DarkReading, principal security engineer Craig Ingram was dropped into the Salesforce runtime team. Principal infrastructure engineer Camille Mackinnon joined the platform security assessment team. In a Black Hat briefing on Aug. 5, the two shared stories and lessons learned.
Planning and prioritization were two big takeaways from Ingram’s period on the runtime team. Engineers spent much of their time looking at competing priorities and deciding what they were going to work on: There were new features they had to develop — bug fixes to improve scalability and performance in their platform. Of course, security also came around requesting bug fixes.