EDN Admin
Well-known member
As hell tell you in this interview, Barry Dorrans (aka @blowdart) had a bit of an epiphany preparing for this recording in that his job is somewhat like that of infamous "Clippy". Whenever someone starts a new project, Barry and his coworkers pop up and ask whether they can help with security and "no" is never the right answer.
The mandatory participation in the secure development lifecycle is all part of Microsofts ongoing, decade-old trustworthy computing initiative, which has resulted in Microsofts software and services to embody security best practices. More information about out secure development lifecycle can be found at http://microsoft.com/sdl
Barry and I sat down to discuss the SDL, but also touch on 0-day vulnerabilities and their handling, and like anyone involved in security he has some interesting war stories to share and also some insights from recent security conferences that seem worth paying more attention to and if its only to learn about the creativity with which people get through closed doors.
View the full article
The mandatory participation in the secure development lifecycle is all part of Microsofts ongoing, decade-old trustworthy computing initiative, which has resulted in Microsofts software and services to embody security best practices. More information about out secure development lifecycle can be found at http://microsoft.com/sdl
Barry and I sat down to discuss the SDL, but also touch on 0-day vulnerabilities and their handling, and like anyone involved in security he has some interesting war stories to share and also some insights from recent security conferences that seem worth paying more attention to and if its only to learn about the creativity with which people get through closed doors.
View the full article