Welcome, to the Startup Security blog.

This site is intended to become a resource for developers and others involved in a startup organization for information about security. As I’ll post in the coming days, there are a number of concerns I have about integrating security into the development lifecycle. While this is a common trend in large organizations, regardless of the development model used, it is less common in the startup world where development teams may only be composed of a couple people.

In this blog, I’ll post information about problems I’ve come across on live sites, information on secure coding, and talk about tools that can be used to not only help make security easier, but sometimes aid in the debugging of applications as well.

In addition to the technical nature of security, I’ll also discuss some of the regulatory and compliance issues a startup should be aware of. Software as a Service is popular model, but it comes with its own set of risks as well.

So welcome, startup folk. I hope you find this site useful and please let me know if there is anything in particular you would like to see discussed. In the coming days I’ll be updating various things, but it’ll settle down soon.