Chapter 10. An Enterprise Software Security Program[1]


I have found no greater satisfaction than achieving success through honest dealing and strict adherence to the view that, for you to gain, those you deal with should gain as well.


Adopting software security in a large organization is a challenge that takes careful planning. Cultural change of any variety is difficult in big companies. Minefields surrounding software process (a religious choice),[2] development tools, programming language, platform, and other technical decisions only exacerbate the difficulty.

Corporate politics is also an issue, with real courage required to foment software security change. Two political factors in particular impede progress. The first is ...
