A Final Thought

If you learn only one thing from this book, it should be this:

There is simply no substitute for applications that employ secure defaults.

This means building secure, quality software that operates with least privilege, has multiple layers of defense, and has the smallest possible attack surface. You must build software this way because you cannot predict how future attacks will occur.

Do not rely on administrators applying security patches or turning off unused features. They will not do it, or they do not know they have to do it, or, often, they are so overworked that they have no time to do it. As for home users, they usually don't know how to apply patches or turn off features.

Ignore this advice if you want to stay in security-update hell.

Finally, you cannot abdicate the security of your product to anyone else. Long gone are the days when security was an art understood by a few; it is now part of everyone's job to deliver secure software. You can no longer stick your head in the sand.

Ignore this advice at your peril.



Writing Secure Code
Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
Year: 2001
Pages: 286
