Marvin, once a learner at BeCode, joined the BeCode team after his training as a DevSecOps coach. Besides coding, he is passionate about computer systematics and being a blacksmith. He openly talked to us about his journey at BeCode, his passion for sharing knowledge and DevSecOps.
Discover his story!
How did your life look like before joining BeCode as a coach?
“I was a former BeCode learner myself. But before that, I studied development-oriented computer science. I did one of my internships in Sweden where I have made software for cranes used in construction works. Afterwards, I worked as a freelancer and then I became coach at BeCode.”
Why did you decide to join BeCode?
“I’m a sucker for active pedagogy since it means that you never stop learning. You are obligated to teach yourself certain skills. Also, I like to share that knowledge with the juniors, which makes me a perfect fit as a coach.”
The world of IT is evolving fast. How do you look for new resources?
“To me, the philosophy behind the technology is more important than the technology in itself. This means that you have to be critical about what you are doing. You should think about how it can be done more efficiently and try to automate as much as possible. Let me explain this by giving an example. We have created online safety containers to put our codes in so that they would be protected. ”
If you have to describe BeCode in just one word, which word would it be?
In what kind of situations do you feel uncomfortable?
“I’m an introverted person. I don’t like to be the center of attention. I don’t mind standing in front of a class, but it can be funny sometimes. An example from my first class as a coach : a trainee gave a present to another coach and I knew I was going to be the next one to receive it, so I swizzled my way out of it.”
Is that the reason why you like this job since there is a lot happening behind the scenes?
“Partly, yes. I love to figure things out and create content by myself, but I really don’t mind working together with people to manage a project. This is actually an important part of your job as a programmer or developer. If you have created a new code and someone else needs to secure it, you do need to communicate with each other in order for this to work out.”
“I’m a sucker for active pedagogy”
We know you are a DevSecOps coach, but what does DevSecOps mean to you?
“DevOps means taking your application to the end user, Sec refers to ensuring that the code and the infrastructure are secured. But as a DevSecOps, it’s also important to manage the project as a whole with a bird’s eye view. We usually speak of a life cycle of an application since an application is never finished. Each time you add a new feature, you are still improving the previous ones. For example, you can send your app to Github, where it will be tested automatically. Afterwards it will be enrolled on a server, so that new features can be added.”
What is Github?
“It is a platform that allows people to code together. But there’s also a history feature, which makes it possible for you to go back in the coding history, just like in Google Docs.”
“DevOps means taking your application to the end user, Sec refers to ensuring that the code and the infrastructure are secured”
How would you explain the security aspect of the DevSecOps training to someone who doesn’t know a thing about it?
“As I might have mentioned before, DevSecOps is an iteration of the DevOps movement. The original aim is to see an application run, with as little friction as possible, from development to production. Now, however, there is also a need to implement security directly within the DevOps cycle. At BeCode and especially in our DevSecOps course participants learn how to code securely. That is having a clean code, respecting good practices, following the OWASP recommendations and being able to audit code for vulnerabilities and grasping how to secure the servers, networks and tools serving the code to the end user and into production. In short, we focus on making sure that both the code (Dev) and the infrastructure (Ops) ensure a secure application’s lifecycle.”
Why should someone follow the DevSecOps training?
“If you are a developper, you would really benefit from following this training. DevSecOps is mainly about automating processes in the lifecycle of an app. If this is your goal, then you should definitely follow this advanced training.”