Microsoft recently held its 2010 MIX conference for web developers in the US. As expected, there was a significant focus on Silverlight, the Windows Phone platform and IE9. An unexpected and welcome surprise was the number of sessions designed to get developers thinking about security and privacy in their applications.
Check this out (the sessions are online and available at no cost):
and this one:
This is the way it should be. Sure, have a bunch of sessions on the whiz-bang latest things that developers can do, but set aside a number of sessions to remind them that security and privacy are important considerations as well.
The ultimate responsibility for writing secure applications belongs in the development organization and in the hands of individual developers, not in information security.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.