

Windows 10 has 39% of the worldwide market share for desktop operating systems. It’s estimated that more than a billion people use Windows on their desktops alone. As those products have moved to the cloud, the stakes around security are now higher. Microsoft’s historical dominance on the desktop and networks has made it a target for hackers, so making its products secure has long been a priority. It requires buy-in from both groups, ongoing training, effective communication and, importantly, a strong endorsement from executive management. CSO recently spoke with Bret Arsenault, Microsoft’s CISO, and Bharat Shah, vice-president for security engineering in Microsoft’s cloud and AI division, about how the company’s developers and security professionals collaborate to build security into its tools and products.

Executing that approach is not so simple. Microsoft’s approach is simple and is based on good, consistent training and communication.
Why can’t there be one set of shared goals for both teams? Software giant Microsoft believes it has achieved a common purpose between its development and security operations, and that this shared purpose has resulted in better security for both its internal and commercial software and services. Security sees themselves working to fix vulnerabilities that developers create, while to developers security is a series of speed bumps that keep them from reaching their milestones on schedule.

How would you describe the relationship between your organization’s security and development teams? Chances are, you’d use words like “tense” or “distrustful.” That’s because the two groups often feel they are working at cross-purposes and getting in each other’s way.
