One of the biggest mistakes companies make when hiring freelance and permanent developers is not checking how good their security knowledge is. Often during the interview process they’ll check that candidates can write good code from a development perspective and mostly ignore the security aspect - perhaps asking a few superficial questions about vulnerabilities before moving on. This isn’t enough. If you’re not careful you could end up hiring a security ‘n00b’ who could introduce disastrous vulnerabilities into your code base, or at least cause frustration and cost you time and money. Don’t make this mistake.
Oct 07, 13