Developers will never be responsible for all of security in an organization, but if they keep up with best practices, resources, and find new ways to secure and deliver good code, they could play a key role in developing resilient software.
Today, most firms have a software security group (or SSG) or a product security group, and they are the team that is responsible for making software security happen. However, they work alongside developers to make sure they too are aware of security best practices, like how to write secure code and do threat modeling.
Click here for the full article.
