August, 2007

  • The Security Development Lifecycle

    Dr. No and Risk Management

    Adam Shostack here... Not too long ago, I was talking to a friend at a large company (not Microsoft). My friend has been in security a long time. He’s frustrated that he’s nicknamed Dr. No, because his co-workers expect him to say no to everything...
  • The Security Development Lifecycle

    The Ethics of Perfection

    Steve Lipner here. A couple of weeks ago, I participated in a panel on the ethics of security vulnerability disclosure at Black Hat in Las Vegas. I believe that I was invited for my role in Microsoft’s Security Engineering and Community team and because...
  • The Security Development Lifecycle

    SDL and the Unconcerned Pragmatic Fundamentalist

    Rob Roberts here… We often fear what we don’t know. Take my mother’s casseroles, for example. The initial view scares you, but once you take that first bite, you realize not only that it’s edible, but sometimes, it’s even tasty. When we meet with...