Neil MacDonald

A member of the Gartner Blog Network

Entries Tagged as 'Maturity Models'

Building a Software Assurance Program

by Neil MacDonald  |  September 28, 2010  |  Comments Off

I work with clients daily on how to change their development (and procurement) processes to produce more secure code. I wrote in this blog that application security cannot be solved with technology alone, yet I still run into organizations trying to solve their application security problems with the purchase of a static or dynamic application […]

Category: Application Security

The Five Stages of Virtualization Security Vendor Maturity

by Neil MacDonald  |  March 13, 2009  |  Comments Off

Stage 1: Virtualization Denial – Here, the vendor hasn’t yet acknowledged the need for virtualization security solutions. Worse, they deny that customers actually need this. Typically, the vendor is afraid of cannibalizing their existing physical environment-based revenue streams. You can tell when security vendors are in denial if you go to their website, search on […]

Category: Virtualization Security

Application Security: A Tool Cannot Solve What Fundamentally is a Process Problem

by Neil MacDonald  |  March 7, 2009  |  12 Comments

One of the areas I research is application security – not only how to develop applications that are more secure, but also how applications should be architected to consume security services. The former is increasingly important as the bad guys move “up the stack” to target applications and information. Secure application development is a priority […]


Category: Application Security