Software Applications, the targets of vulnerabilities

I was just reading Soma’s blog post How vulnerable are software applications? and it really makes you think about how and what you create as an application designer.  According to a 2005 FBI survey, U.S. businesses lost $67.2 billion because of cyber crime, estimated in 2006 were $49.3 billion.

While these numbers are staggering in themselves, in our June 2007 Microsoft Security Intelligence Report, we see that less then 10% of these vulnerabilities were targeted at the Operating System.  All the others were targeted at the application layer.

I would strongly suggest you read through Soma’s post as there are some very valuable pieces of information in it.  Including what Microsoft is doing to help fight against this using our Microsoft SDL (Security Development Lifecycle).

The best thing that you can do at this time is make sure you are educated as best as you can on what you can do in your corporation to help fight cyber crime.

There are some great tools online other then the SDL.  Here are a few that I have found useful:

• "How Do I?" Videos for Security
• ASP.NET 2.0 Security Videos
• Microsoft E-Learning Course Catalog
• Security Professional at Microsoft
• Security Videos by Joe Stagner