Secure Coding Catches Fire
Source: Dark Reading - Posted by Eric Lubow
If you build security in from the get-go, will the malware still come? Of course. But proponents of secure software coding say attacks and exploits won't be as widespread or prevalent if developers build security into their operating systems, applications, and network device software from the ground up. Applications are increasingly becoming the targets of attacks and often represent the weakest link in the security chain. It gets dicier when these apps are as prevalent as systems management agent software, for instance, which Matasano Security's recent research has shown to be a security nightmare. (See Demons Lurk in Management Software.)
"The only way you're going to solve this problem is teaching people who write the software to do a better job," says Gary McGraw, CTO for Cigital (and a member of Dark Reading's editorial advisory board). The two most common problems in coding that cause security troubles down the line are bugs in the code and design flaws, or how the software components are put together, McGraw says. Much of that could be caught up front if developers consistently used static analysis tools, for instance, he adds.
Read this full article at Dark Reading