Secure Coding mailing list archives
Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading
From: andre at operations.net (Andre Gironda)
Date: Sat, 1 Dec 2007 21:55:46 -0700
On Nov 30, 2007 1:59 PM, Steven M. Christey <coley at linus.mitre.org> wrote:
i still think all these ideas are wrong and the model is simple: don't employ people who write and generate insecure code. it's just part of programming. you wouldn't hire a doctor to be a gardener. don't hire an idiot to program your apps.How does a manager who hasn't written code in the last 10 years (if ever) know how to distinguish the idiots from the experts? Secure programming certification and education is, at best, in its infancy.
Felix Linder said it best in his recent presentation, "Security and Attack Surface of Modern Applications". Commercial software doubles in size every 18 months. How are we going to train developers and security professionals fast enough to keep up with that pace? Cheers, Andre (I swear this is the last one for now, sorry for splitting this into so many messages)
Current thread:
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading, (continued)
- Insecure Software Costs US $180B per Year - Application and robert at webappsec.org (Nov 29)
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading Andy Steingruebl (Nov 29)
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading Blue Boar (Nov 29)
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading silky (Nov 29)
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading Steven M. Christey (Nov 30)
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading Andre Gironda (Dec 01)
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading silky (Dec 02)
- Insecure Software Costs US $180B per Year - Application and Perimeter Security News Analysis - Dark Reading Pete Werner (Dec 04)