Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Microsoft's secure computing initiative begins to pay off

Fortify : 29 September, 2008  (Technical Article)
Advances in development of secure software in Microsoft team results in a fall from the top of IBM's reported security incident chart for the world's largest software vendor
Fortify Software says that after being in pole position in the reported security incident charts for the whole of 2007, Microsoft has dropped to third slot in IBM's X-Force mid-year security analysis.

'Normally a slip in the charts is a bad thing, but this time around it's a positive move, as it suggests that Microsoft's investment in an SDL - Security Development Lifecycle - is paying off,' said Brian Chess, Fortify's chief scientist.

According to Chess, Microsoft's move down the reported security incident charts is almost certainly due to the actions of Bill Gates, who emailed all the developers years ago to help kick off Microsoft's Secure Computing initiative.

In his email, said Chess, Microsoft's former CEO clearly pointed out that all the great features of Microsoft's code won't matter unless customers trust the company's software.

'Gates told his dev team, 'when we face a choice between adding features and resolving security issues, we need to choose security.' And that's pretty impressive stuff, even for Bill Gates,' he said.

'It's against this backdrop that we're glad that Microsoft accepts the Business Software Assurance religion which recognizes security is not simply a product, it must be complemented with processes and expertise,' he added.

But Microsoft's advances has a serious implication for the rest of the market. Chess warns: "As Microsoft becomes a harder target, the pressure is transferred to smaller players. There are just as many, if not more, attackers out there as there were in 2007, but now they're spending their time looking at a greater diversity of software. Software security is everybody's problem. Microsoft can't rescue us. That's why they've moved from making their products secure to teaching people about how to create secure software."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo