Making software secure should be a requirement of the development process. I've
had the priviledge to have worked on some very good projects where the managers
emphasised security in the beginning of the projects life cycle since it was a
requirement of the client.
Unfourtunately, functionalit
These aren't just secure coding related issues. They are general Software
Quality Issues, that
should be - but aren't
- normal everyday practice. Partly due to lack of knowledge in the Developers,
partly due to
time/budget constraints
of managers and partly due to apathy amongst Stake Holders/end
DBA wanting to prove that he/she is
also a competent programmer; thus getting access to better work. However, a
good manager should see your competency without the need for that silly bit
of paper.
ys
--
Yousef Syed
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
corporations are made to feel the burden of their slack security, then
they'll take it seriously... maybe...
Ys
--
Yousef Syed
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Michael Silk
Sent: 06 April 2005 23:45
To: Dave Paris
Cc: Secure Coding Mailin
rrect depth is dug etc.
Numerous different regulations need to be satisfied before and during the
construction project.
Software projects are way behind that level of oversight!
Ys
P.S. My dad is an Architect, so I spent MANY Summers on building sites, in
my youth... :-)
--
Yousef Syed
-Ori
Numerous corporations have induction schemes for new employees.
These should be designed to contain a significant portion referring to basic
security.
If they covered little else than advice on how to use email appropriately,
it would be a huge benefit. (e.g. Don't open attachments unless you wer