RSAでのSecure Software Forumのバネル報告。ソフトウェア開発におけるセキュりティ対策。
Fortune1000のうち開発に対してセキュりティ対策をしているのは36%。
Businesses should pay more attention to software security
Penny Lane, chief information security specialist for Visa in San Francisco, said developers don't have a good picture of the realm of threats at all different layers of the network, so they have trouble conceiving of the types of threats they should guard against.
Justin Peavey, vice president of security architecture and engineering for State Street in Boston, said developers should write applications according to sound principles that isolate the areas of code that represent risk so if a flaw is found, only a few lines of code need to be rewritten to fix it. "If the threat is distributed throughout the code, then it's impossible to find the vulnerability," he said.
Leave a comment