One of the reasons I am writing down these thoughts is so that people that have more information than I can correct me when I am wrong. Hopefully I will then learn.
In my mind, this is vindication to the time, effort, and money Microsoft invested in trying to factor security into the development process. I know that my team invested multiple man-weeks toward security modeling, extra code-reviews, security oriented design analysis, etc. That is just one team of ~12 developers.The real scare would have been if that didn't provide quantitative returns.Still, it is unlikely to reverse the negative reputation Microsoft developed for the flaws found and exploited in the last few years. SQL Server may be on a recovery path, but it is still a Windows-only DB and the Windows OS has its own bad rep to struggle with.
Glad to see it. The Silverback Gorilla can always be picked on my the little monkeys...As long as they stay out of his reach.
Post a Comment
Enter your email address:
Delivered by FeedBurner
Proud member of Security Bloggers Network, a FeedBurner Network.
Subscribe to DCS Security
Proud member of The Science Network, a FeedBurner Network.