Hello Secure World

Microsoft has just created a new security awareness site. This site, http://www.hellosecureworld.com, attempts to provide security awareness and education in the developer community.

The notion of security awareness is very interesting. Michael Howard, during his security development lifecycle presentation given at Denim Group, discussed some of the security classes he taught up in Redmond. These daylong classes were given to developers of different projects. The goal wasn’t to make them security gurus or even to remember the difference between, say, symmetric- and asymmetric-key algorithms (if that doesn’t take a security guru). The goals were to simply inform developers of common security scenarios and solutions. If they forgot the solutions the minute they left the class, that was OK, as long as that when presented with similar situations, they might recognize the scenario and perhaps Google for a solution (or, since this is Microsoft, perform a Live search).

And just as Microsoft competes with Google (and, at least for now, Yahoo!), Hello Secure World also requires Silverlight, Microsoft’s answer to Adobe’s Flash.

—Erhan K.

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *