At IT Security Thing I have been talking to Lorenzo Grespan, a developer with Pentest Limited, about secure software development.
Established in 2001, Pentest describes itself as a leading provider of IT security with one of the largest penetration testing teams in Europe. What interested us, though, was that it also runs secure coding workshops for developers. These are described as hands-on courses aimed at developers who wish to gain a greater understanding of common security vulnerabilities and the knowledge to make their applications as safe as possible by developing and testing robust, secure code. That sounds good to us, especially in light of recent research by Risk Based Security suggesting that more than 370 vulnerabilities were reported in security solutions during 2015. Look at the last six years, and that number rises to more than 1,700 in total.