"(ISC)2 launched a brand new certification program designed to validate secure software development practices and expertise and address the increasing number of application vulnerabilities."
I hope that the future CSSLP knows that software needs external authentication.
Pamela was preaching this to us at DIDW2008 and it is true.
When a company plans to buy software then we need requirements for external authentication in the request for proposal. This is a must!
And the software should understand claims because "Claims Change Everything!".
External authentication gives you more security because you can choose an established authentication software for authentication in contrast to having to rely on a home-grown authentication module by a database vendor or search engine maker.
Says Axel Nennker, CISSP, CISA, Security Preacher
Integrity Properties for Federations
2 weeks ago
No comments:
Post a Comment