7. Begin Your Security Journey
Anyone interested in IT knows that security is making and breaking application vendors. The best legal agreement won’t shield your application from bad press and dropped sales.
Amazingly, security precautions raised in the 1993 (or thereabouts) WWW FAQ are still ignored by many commercial applications, especially the niche applications that many coders find lucrative.
Creating an application without designing easy patch mechanisms dooms your application. Customers want to know how they’ll patch your application if their Internet connections are under attack. They’ll ask how many patches you’ve produced in the last year.
Alarmed? So how do you begin learning more secure coding practices?
Michael Howard’s work on secure coding is among the best. Dr. Gary McGraw’s series are must-haves. The InformIT bookstore will have his three books at a special bundled price. The bundle is the best way to see application security problems (and fixes!) from many angles.
I have one more suggestion. Let’s call it the eighth step.