Ask HN: Do developers care about security?

I don't think it boring. Most of the time developers need to justify security so that would be a good change. Security needs to be part of planning and architecture considerations. Depending on the project this can be extensive or not.

This is also an all around topic for the company offering software services (not only software companies). Especially if the cloud becomes part of your infrastructure, you also might want to have subnets, server certificates and sharpened firewall rules in your internal network if you have fairly open routes to infrastructure not hosted on premise. Formerly these things are neglected for internal networks, although this would also be helpful to defend against some attacks like ransomware. It is of course a cost factor and becomes almost impossible task if you exclusively rely on external IT.

The latter part can be annoying for developers, because they often have to work their way around MITM-firewalls, download rules and other security mechanisms for development. This often creates conflict between developers and security. But not really when they have to implement security mechanisms themselves.

Most developers care. Most product managers don’t.