I saw this image on Veracode’s blog and is very true! Sadly though, many managers take the number of WTFs, start yelling WTF (Who the F**k), and placing blame rather than realizing that it is usually the process and lack of developer education that causes problems not the developer themselves. I have seen that when an effective Secure SDLC is implemented and blame is not thrown around, you really do get a reduction in security bugs.

Source: http://www.veracode.com/blog/?p=77

This entry was posted on Tuesday, February 5th, 2008 at 8:34 pm and is filed under IT Consulting, Network security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.