IT guy here, if we gave developers the option to exclude whatever the hell they wanted from AV scanning it would just mean that we would end up with computers where the entire C: drive would be excluded.
No, can’t have that.
So what should a decent IT department do to give developers the access they need to do their job while maintaining a decent level of security?
Well, the least bad solution I have worked with was to have a non generic path that was excluded by policy.
Something like C:\Excluded
The directory was excluded from AV scan and allowed in policy, the user could put what they needed there and it would be fine.
So what should a decent IT department do to give developers the access they need to do their job while maintaining a decent level of security?
Give them a Linux machine?
A machine that takes extra time and skills to manage?
This doesn’t remove security and compliance requirements for the business though. For our Linux endpoints we still deploy an AV on them and limit the user’s ability to add exclusions.
You ever worked in an average corporate job? You’re missing out on so much
The IT guys barely know Windows, they’ve most likely never even heard of Ubuntu, could you imagine such a thing :|
Huh, weird. The IT guys I work with don’t just know Windows, when I joked about wanting a Linux instead they pointed out that we have software devs using Linux too. I’d need some reason to request it, but if I know the right people (and more particularly, what their favourite snacks are), I could probably get it approved.
(Doesn’t actually help me, given I’m stuck using proprietary tools that I couldn’t get to run with wine, but at least the option is there. And that’s a big corp.)
I am a software developer at a big bank. The hoops we are forced to jump to just do our jobs are ridiculous.
We resorted to using buggy and laggy remote development environments through a slow VPN.
It’s a miserable life, but at least the pay is good.
What’s the hourly wage?
23 USD
not all are paid equally
But you’re not the one who wrote the original message
Ah, that time when my job required me to write an executable scanner, and all the AVs got jealous I was honing in on their turf.
AV running in kernel mode charges its CPU cycles to the process being monitored, instead of the AV doing the monitoring.
I got a whole bunch of “your program is slow” support tickets which were resolved by telling the client to follow the AV exclusion instructions.
“Will I have root on my dev machine” is on my list of interview questions, now.
Asking questions like that can cause hiring managers like myself to have no choice but to offer you higher pay grades, because that question is a strong signal of experience.
Experience shows that you still force me to use WSL, because you want to develop your stupid app in the same setup as the Windows store version and i have to fix the not-so-much cross-platform monster of three people before me who never heard of technical debt.
