Developing a security mindset
A few years ago, I set out to improve my knowledge of security in web applications. It's not something I had much education in (at all!) and after an application I built was penetration tested, I knew I wanted to find out much more. I want to tell you about how I educated myself, a few things I've learned along the way, and how I've applied that to my day-to-day work as a Rails developer.
Although we might not be experts at it, general web application security knowledge is crucial for success in engineering teams. Penetration tests and bug bounties are useful, but your team is going to perform at a higher level if they can assess risks and mitigations before features even make it into the backlog. By keeping security in mind as you develop, you'll create higher-quality code that will save you from embarrassing or potentially disastrous mistakes.
So, if you've never thought too much about it, now's your chance to start learning about security and to start thinking about how your team can integrate it more into its daily workflow.