GOTO - The Brightest Minds in Tech

Security & Developer Experience: Can We Have Both? • Abby Bangser, Adrian Mouat & Holly Cummins

Mar 10, 2026
Adrian Mouat, a security-focused developer-relations pro and author of Using Docker, and Abby Bangser, a platform engineering lead working on Kratix, discuss balancing security with developer experience. They cover why security feels fear-driven, embedding security into platforms with sensible defaults, supply chain and open-source risks, incentives and ownership models, and practices like chaos, on-call, and tooling that make secure work smoother.
INSIGHT

Platform Engineering Makes Security Invisible

  • Security often feels like oxygen: needed but invisible when done well.
  • Abby frames platform engineering as the way to deliver security as part of developer experience by shorting the stack and owning sensible defaults.
ANECDOTE

Overprotection Drives Shadow IT

  • Excessive locking down creates shadow IT and insecure workflows, like employees sending proprietary screenshots over insecure channels.
  • Abby and the audience shared real examples where strict access controls pushed people to unsafe alternatives.
ADVICE

Shift Security Left With Defensive Coding

  • Shift security left and build it into the product from the start instead of retrofitting afterwards.
  • Encourage defensive coding (validate inputs, assume malicious users) so application teams handle data safety at development time.