Microsoft Security Development Lifecycle Presentation

Dr. Bradley Jensen’s Presentation on the Microsoft Security Development Lifecycle (SDL) made me realize how much an average individual, with no significant background in the science of computer technology, is unaware of the risks computer and Internet usage could bring. I admit there were times when I had no idea what Dr. Jensen was talking about, especially when it came to computer terms, such as namespaces. However, I was able to understand some of the main themes in his presentation. I learned that many times security is left out because it costs more money, takes more time, and is not started from the beginning. Also, if security is too difficult to practice, many people will go around it or prefer to disable it (like the company who complained about the difficult passwords having to be renewed frequently). And regarding Threat Modeling 2.1 companies could do one of three things: nothing, take action to prevent it, or do something in between. Lastly, I refreshed my memory as to what phishing was and learned that it took 35 seconds to attack Windows 7. The topic about fuzzing was also greatly discussed, but I don’t believe I grasped the concept of it very well. Overall, I learned that security could prevent many complications if done properly. Dr. Jensen was very knowledgeable in this subject and his presentation was very interesting.