Comments on: How Design Impacts Security http://dcortesi.com/2007/10/24/how-design-impacts-security/ Coding, Security, and maybe a little bit about Damon Cortesi Tue, 02 Dec 2008 17:43:41 +0000 http://wordpress.org/?v=2.6.2 By: Spot — interaktion.info » Blog Archive » How Design Impacts Security http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-56974 Spot — interaktion.info » Blog Archive » How Design Impacts Security Wed, 02 Jan 2008 20:31:48 +0000 http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-56974 [...] Link: How Design Impacts Security → [...] [...] Link: How Design Impacts Security → [...]

]]> By: John http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-47976 John Tue, 30 Oct 2007 22:48:11 +0000 http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-47976 "are there to make users “feel” better about the security, rather than implementing effective measures themselves" This quote reminded me of the airport :) “are there to make users “feel” better about the security, rather than implementing effective measures themselves”

This quote reminded me of the airport :)

]]> By: Damon http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-46854 Damon Wed, 24 Oct 2007 22:31:35 +0000 http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-46854 I frequently turn to Microsoft themselves. I'd have to say they're the best example of an organization that completely turned the security of their products around through secure design and coding awareness. They've got many docs out there showing their new Secure Development Lifecycle and just think how much more secure IIS6 is than IIS4. Not to mention halting devs for 3 months to do security reviews. Michael Howard (Author of Writing Secure Code) and his book and blog are both great resources. I frequently turn to Microsoft themselves. I’d have to say they’re the best example of an organization that completely turned the security of their products around through secure design and coding awareness. They’ve got many docs out there showing their new Secure Development Lifecycle and just think how much more secure IIS6 is than IIS4. Not to mention halting devs for 3 months to do security reviews.

Michael Howard (Author of Writing Secure Code) and his book and blog are both great resources.

]]> By: hendo http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-46843 hendo Wed, 24 Oct 2007 19:14:22 +0000 http://dcortesi.com/2007/10/24/how-design-impacts-security/#comment-46843 What resources do you normally turn to when explaining the importance of threat modeling and secure coding? I could use some good documentation to better explain it... What resources do you normally turn to when explaining the importance of threat modeling and secure coding? I could use some good documentation to better explain it…

]]>