Akshay on the business of security

After about an hour of nodding his head vigorously in agreement with some of our lessons learnt, my customer jumped up and exclaimed, " Great!! Now where do I find another 20 people like these?" (pointing to my team)... I thought about it a while and Read More...

Technorati Tags: Conference , SDLC , SDL , IT , ISV I will be discussing Microsoft IT's approach to secure application development, with a special focus on how we integrate security into the IT line-of-business SDLC, in a webcast this Thursday May 29th. Read More...

Now that you've decided (or battled) to set up an application security program you realize that it actually needs to get funded. You must master the art of delicately drinking from the fire hydrant of line of business applications. In my experience helping Read More...

"How many applications do you have and what do they do?" It seems simple enough yet this questions seems to perplex many a smart mind. Having posed it to over a hundred and fifty CSO/CIOs over the last year, I have rarely received a clear answer that Read More...

After several requests from customers about information on how enterprise class application security programs are set up, I am writing a series of blogs about my experience helping some large enterprises set up application security teams similar to the Read More...