Historically, Microsoft was bashed for security holes in its software that led to worm outbreaks on desktops and servers around the globe and other problems. In 2002, the company saw the light and launched its Trustworthy Computing initiative, elevating security to the top priority, and began designing and building products with security in mind.
Six years later, the company's conversion seems to have worked with vulnerabilities dropping by about half from Windows XP to Windows Vista by 90 percent between SQL Server 2000 and SQL Server 2005.
But the environment has changed--Web applications have eclipsed desktop applications as people move more and more of their computing online. Now, 60 percent of new vulnerabilities are in Web apps, and only 14 percent of them are from the top five independent software vendors, like Microsoft and its ilk, according to research from IBM's X-Force.
Microsoft has gone from being the vendor responsible for the greatest proportion of vulnerabilities to being third, with 2.5 percent share, the research shows. The lion's share of the vulnerabilities come from start-ups racing to get their products to market. And 70 percent of them are doing the security testing and review after they release the product, Microsoft said.
So now Microsoft is trying to convert others to the cause, offering free tools that outside developers can use to assess their software development security practices and analyze their software designs to look for security weaknesses and threats.
Read More Article...
Tuesday, September 23, 2008
Microsoft becomes high priest of secure software development
Subscribe to:
Post Comments (Atom)
Useful Resources:
Software Development OutsourcingOutsourcing Services
No comments:
Post a Comment