Saturday, August 18, 2007

Security Awareness

It's my belief that you cannot write a secure application without security awareness deeply rooted within the minds, souls and software development life-cycle practices of your software developers.

If you are trying to go from a developer team that contains no awareness to total developer security awareness and practices, the cost is prohibitive. But if security awareness training for developers becomes a regular part of your software development life cycle, the cost to train goes down dramatically over time. Continuing education is cheaper than full blown re-training.

- Jim

No comments: