Greetings all,
I was asked to clarify what I posted yesterday re Amit Yoran's recent public
statements on the topic of software security.
On Tuesday 20 April 2004 03:27, an SC-L reader wrote:
Ken, could you clarify a little please?
Happy to, see below.
I detect a slighly snide tone that
On Tue April 20 2004 12:34, Michael A. Davis wrote:
It is not the source code that is the
problem -- it is the developer.
The proof of the developer's grokking of secure coding, is in the code.
--
Dave Aronson, Senior Software Engineer, Secure Software Inc.
Email me at: work (D0T) 2004
[EMAIL PROTECTED] wrote:
Michael A. Davis wrote:
Isn't she missing the point? It is not the source code that is the
problem -- it is the developer.
Well ofcause you can improve the quality of your code by
educating your developers, but you cannot avoid doing code review.
Developers are