I would like to capture the general perception about secure development in startups.<p>Please, also keep in mind that even if your startup doesn't process users' private information (such as financial data or email), your website/application could still be hacked to distribute malware, either exploiting users' browsers or inserting trojans to be downloaded.<p>For instance, I browse sites I trust with javascript and flash enabled in Noscript, increasing the surface attack.<p>Also, users are taught to avoid only untrusted websites/applications - and they could blindly trust your startup downloading trojans.
Security is a high priority for us (2 people). We are careful to write secure code, and we discuss security specifically and do code reviews for any risky parts. This process isn't formalized, but we don't just trust ourselves -- we also expect each other to find any problems we've missed. This doesn't seem to fit into any of your responses.<p>(If you're going to make a poll, I would recommend choosing answers which don't presuppose so much)
I'm eager to see what people here have to say about this poll, but it's so badly constructed that I'm not hopeful about the quality of the results. I've thought about posting a similar poll, but it would be self-serving.