Michael Howard Q&A on SearchSoftwareQuality.com

December 11, 2007
Dan Cornell

I saw this posted late last week – SearchSoftwareQuality.com has a Q&A with Michael Howard about software security.  He has some great insights:

  • Every organization and every development team has a problem with security.  The first step to addressing the problem is to admit this.
  • There is nothing magical about security that only high priests can understand.  Everyone can understand and apply the basics.
  • Tools are great and they have their place, but are not a panacea.  They are risky because too many organizations think they are.

Check it out!

–Dan
dan _at_ denimgroup.com

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Categories: Information Security Security Programs Web Application Security

Leave a Reply

Your email address will not be published. Required fields are marked *