Shostack + Friends Blog Archive

 

Mike Howard beats me to the punch

His posts on “Microsoft hosts OEM partners for a crash-course in SDL (Day Two)” and “Microsoft hosts OEM partners for a crash-course in SDL (Day Three)” cover much of what I wanted to say:

My biggest observation was these guys were utterly engaged, and by that I mean writing copious notes and asking some very pointed and deep questions. The companies could have sent junior people to this event simply to pay lip service to security, but they did not; they sent senior security people who know what they are talking about. But they also know that any help we can give them can only be beneficial to the OEM, Microsoft and most importantly, our customers.

Private to J, S: At least Mike came up with his own content.