WebApp Sec mailing list archives
RE: The biggest thing affecting software security? People, apparently.
From: "Lyal Collins" <lyal.collins () key2it com au>
Date: Thu, 30 Jun 2005 11:10:04 +1000
Imho, it is sometimes easier to use technology to 'cover up' and address threats arsing from human mistakes and foibles via automation, rather than try the 'educate and proceduralise everything' approaches. e.g. - coding mistakes - configuration mistakes - lax patch management - poor password choices - opening/running malware - exec/mamanegment directing poor environment security onto IT teams - dis-affected employees and users/customers - <insert your favourite security errors here> Lyal -----Original Message----- From: Nick Murison [mailto:nick () urgusabic net] Sent: Thursday, 30 June 2005 1:09 AM To: webappsec () securityfocus com; sc-l () securecoding org; secprog () securityfocus com Subject: The biggest thing affecting software security? People, apparently. Hi all, www.threatsandcountermeasures.com just closed their poll on what people thought was the biggest thing affecting software security. The results were: People: 80.3% Process: 18.2% Technology: 1.5% Results also available from www.threatsandcountermeasures.com/PastPolls.aspx. If this is the case, then why is there such a huge financial investment in security technology? Is the human factor expected to magically improves once we've got the "right" technology? For our new poll, Threats and Countermeasures are asking what people consider to be the more secure web application development platform; JSP, PHP, ColdFusion, ASP.NET or old-skool CGI. Best regards, -- Nicholas John Murison ~~~~~~~~~~~~~~~~~~~~~ http://www.urgusabic.net
Current thread:
- The biggest thing affecting software security? People, apparently. Nick Murison (Jun 29)
- Re: The biggest thing affecting software security? People, apparently. Steve Milner (Jun 29)
- RE: The biggest thing affecting software security? People, apparently. Lyal Collins (Jun 29)
- Re: The biggest thing affecting software security? People, apparently. Clinton E. Troutman (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. Irene Abezgauz (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. . . (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. John Manko (Jun 30)