Last but not least, after Spectre and Meltdown, the question arises: „Would I already be hacked or have I just not noticed it yet? So why not make a virtue out of necessity and adopt your own systems? The learning curve is steep, but it helps to recognize and minimize risks.
It is essential that security know-how is built up in the team. The first step is to create an awareness of the problem. Especially for agile teams it is therefore important to establish different control points with automatic security tests. In addition to static code analyses, however, it helps enormously to get yourself into the role of the attacker.
Read more at medium.