Alarming State of Secure Coding (Andy Oram) — The details below tell the same basic story in every case—only a minority of respondents think the practice is sufficiently in place, and a large chunk always reports they want to perform the practice and cannot do it at all. The bigger problem is that programmers are taught to find the golden path (“how do I get the computer to do this thing?”) and not the tester/security mindset (“how can I get the computer to do something else?”)
Learn faster. Dig deeper. See farther.
Join the O'Reilly online learning platform. Get a free trial today and find answers on the fly, or master something new and useful.