One of my professors once said, in the end, it’s really all about developing “good code”. To achieve good code, teams have to get nearly everything right: requirements, designs, code, tests, configuration management, and so on. One thing is clear: security activities must be proactively carried out throughout the entire software development process — from start to finish — in order to build, acquire, and deploy software that is resilient and sustainable.

My blog posts are provided “AS IS” with absolutely no warranties. The content of this site reflects my own personal opinions and do not necessarily represent the views of my employer.