Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Microsoft admits their software insecure
Message
De
07/09/2002 16:54:20
David Stevenson
Stevenson & Associates
St. Petersburg, Floride, États-Unis
 
 
À
07/09/2002 15:42:11
Jim Nelson
Toronto, Ontario, Canada
Information générale
Forum:
Windows
Catégorie:
Informatique en général
Titre:
Re: Microsoft admits their software insecure
Divers
Thread ID:
00697854
Message ID:
00697947
Vues:
17
Jim,

>I found it both relevant and interesting that there is an 'admission' that security never figured significantly in Microsoft's software design.

Anyone involved in development at Microsoft has already been or is now being retrained in better analysis and design methodologies that take security threats into account from the beginning stages of a project and all the way through to the testing processes. The Nov/Dec issue of CoDe, focused on Security, will contain an interview I did a few weeks ago with Steve Lipner, one of Microsoft's senior Security executives, where he discusses the changes within Microsoft in that area.

That issue of CoDe also will contain an excellent article by Microsoft employee Michael Howard on the concept of "Threat Modeling," which he and others taught to Microsoft employees during the "stop coding and analyze for security" push a few months back. Michael is the author of "Building Secure Code," from Microsoft Press and is revising the book to include Threat Modeling. The re-training at Microsoft is still ongoing...
David Stevenson, MCSD, 2-time VFP MVP / St. Petersburg, FL USA / david@topstrategies.com
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform