Firewalls, Fairy Dust, and Forensics

[Gary McGraw <gem () cigital com>]

hi sc-l,

Ever get discouraged that we have not been making enough progress in software security?  Well, we have been making 
plenty of progress and our field is growing fast!   This peppy little article (co-authored with Sammy Migues) explains 
why firewalls, fairy dust, and forensics are not working out for computer security.

Oh, and software security is growing at 20% CAGR and now accounts for 10% of the computer security market (which is 
itself growing at 8.9%).  We are in the right field, and the this mailing list is a major help.

Please read this: 
http://searchsecurity.techtarget.com/opinion/McGraw-Firewalls-fairy-dust-and-forensics-Try-software-security  Then have 
your SSG members read it.  You do have an SSG, right?

Feel free to post links to twitter, facebook, linkedin, and send it around (by pointer).  I would really appreciate 
that.

Thanks!

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________