Comments on: Apple, Google, and Microsoft

By: Marcelo

Marcelo — Thu, 27 Aug 2009 21:48:45 +0000

I don’t understand your point after asking a question with an hypotheses you don’t trust. I never thought of “security” as something you can easily adjust. To me, assessing the security of a software product or service allows me to understand the maturity of the development team. Ergo, the maturity of the security inside a product should be comparable with its other qualities -no more, no less.

By: Alex

Alex — Tue, 25 Aug 2009 13:33:13 +0000

You were just asking me who’d I’d rather work for if I wasn’t in Security – and I’m answering that if I weren’t in security, I’m not sure proactive vs. reactive approach to InfoSec in the SDLC would even register in my decision making criteria.

That said, my personality tends towards “problem fixing” so if I were to join a company with a reactive approach, I’d probably want to be part of a project to make it pro-active. But I’d have a very “security must be seamless” mindset. Otherwise, you get lots of (unnecessary) authentication.

By: Pete

Pete — Mon, 24 Aug 2009 21:33:44 +0000

@Alex – Hmmm, are you saying it doesn’t matter? Or that one of my positions drives your set of questions?

By: Alex

Alex — Mon, 24 Aug 2009 19:42:41 +0000

Who is most profitable? Who is in a good position in the most new, high growth markets? Who has a track record of wise R&D spending?