Why Can't Johnny Develop Secure Software?
Vulnerabilities start, experts agree, because developers don't understand how to build security into the code they write.
"There's a lot more acceptance of security as part of the process now, but historically developers have never been responsible for security," says Brian Chess, founder and chief scientist at Fortify, a company that makes tools for secure software development. "We all understand locks and keys, but not many of us are locksmiths. That's where most developers are."
The link for this article located at Dark Reading is no longer available.