| TL;DR: The advice is: "use Open source software", "add logging", "set all pages to HTTPS" and follow a "top 10 list of the most critical security threats" Sad state of things. The concept of having your work done by "Full Stack Developer" will not be nice for opening up potential security holes, in my opinion. Additionally, I don't think there exists a real "Full Stack" dev, and I'm not alone in this opinion; click anywhere: https://medium.com/swlh/the-full-stack-developer-is-a-myth-4... https://news.ycombinator.com/item?id=10182936 http://andyshora.com/full-stack-developers.html https://frontendmasters.com/books/front-end-handbook/2017/pr... https://vitamintalent.com/blog/the-myth-of-the-full-stack-de... https://techcrunch.com/2014/11/08/the-rise-and-fall-of-the-f... https://www.propelrr.com/blog/ux/full-stack-web-developer.ht... |
A proper full stack dev can make design and implementation decisions at all levels, while being able to visualise the affect of those changes over the entire system, in detail, at low level. They're also able to communicate these changes not only to a uber-low-level introverted developer, they're also able to sit with the CEO/CTO and rationalise their decision in terms of cost and savings.
And of course, they're able to drop anchor, exit the elevator at any level and get on the tools.