Thursday, January 15, 2009

SANS lists top 25 computer software errors

When developing entrepreneurial software the temptation is always to go directly from proof-of-concept or demo code to production. Customers want your application and are excited about your product, you still don't have the $$ needed to really make it scalable and secure, and growth of the customer base looms. The havoc that can be wreaked by a problem as simple as failing to prevent brute-force attacks on a social networking site's login (the recent Twitter incident, where a brute-forced staff password let an attacker take over accounts including Obama's) is a good cautionary tale for any entrepreneur. The transition from proof of concept or demo must be planned in advance: software should be evaluated for risk, and the risk mitigated, before widespread growth and acceptance of the product.
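The control whose absence is blamed above is a login throttle: count failed attempts per account and refuse further attempts, right password or wrong, once a threshold is hit. The following is an added example written for this post, not code from the original post or from Twitter; the account name, the weak password, the wordlist, the failure threshold and the lockout window are all assumptions chosen for illustration.

```python
"""Login throttling against dictionary and brute-force attacks.
Added example, not code from the original post or from Twitter: the account,
the wordlist, the failure threshold and the lockout window are all assumed."""

import hashlib
import hmac
from collections import defaultdict

MAX_FAILURES = 5        # consecutive failures allowed before the account locks (assumed)
LOCKOUT_SECONDS = 900   # how long a triggered lock lasts (assumed)


def hash_password(password: str) -> str:
    # Stand-in for a real slow, salted password hash (bcrypt, scrypt, argon2);
    # the point of this example is the lockout, not password storage.
    return hashlib.sha256(password.encode()).hexdigest()


class FakeClock:
    """Controllable clock so the lockout window can be exercised without sleeping."""

    def __init__(self, start: float = 0.0):
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


class LoginThrottle:
    """Counts consecutive failed logins per account and refuses every attempt,
    right password or wrong, while the account is locked."""

    def __init__(self, password_hashes: dict, clock):
        self._hashes = password_hashes          # username -> hash_password(...)
        self._clock = clock                     # callable returning seconds
        self._failures = defaultdict(int)       # username -> consecutive failures
        self._locked_until = {}                 # username -> unlock timestamp

    def _password_ok(self, user: str, password: str) -> bool:
        # Compare against a dummy hash for unknown users so the response time
        # does not reveal which usernames exist.
        stored = self._hashes.get(user, hash_password(""))
        match = hmac.compare_digest(stored, hash_password(password))
        return match and user in self._hashes

    def attempt(self, user: str, password: str) -> str:
        """Return 'ok', 'denied' or 'locked'."""
        now = self._clock()
        until = self._locked_until.get(user)
        if until is not None:
            if now < until:
                return "locked"             # password is not even evaluated
            del self._locked_until[user]    # lock expired: start counting afresh
            self._failures[user] = 0
        if self._password_ok(user, password):
            self._failures[user] = 0
            return "ok"
        self._failures[user] += 1
        if self._failures[user] >= MAX_FAILURES:
            self._locked_until[user] = now + LOCKOUT_SECONDS
            return "locked"
        return "denied"


def demo():
    """Run a constructed dictionary attack against one account and report
    (outcomes, correct password while locked, correct password after the lock)."""
    clock = FakeClock()
    # Constructed sample account with a deliberately weak password, to show
    # that the throttle, not password strength, is what stops the wordlist.
    throttle = LoginThrottle({"admin": hash_password("happiness")}, clock)
    wordlist = ["password", "123456", "letmein", "qwerty", "welcome",
                "happiness", "monkey"]
    outcomes = [throttle.attempt("admin", guess) for guess in wordlist]
    while_locked = throttle.attempt("admin", "happiness")
    clock.advance(LOCKOUT_SECONDS + 1)
    after_lock = throttle.attempt("admin", "happiness")
    return outcomes, while_locked, after_lock


if __name__ == "__main__":
    print(demo())
```

The sixth guess in the wordlist is the real password, but by then the account is locked and the attempt returns "locked" without the password ever being checked, so the attacker learns nothing. The trade-off is that a hard lockout also lets an attacker lock a legitimate user out on purpose, which is why production systems usually pair it with per-source-address throttling, progressive delays or a challenge, and alert on lock events rather than silently absorbing them.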

SANS recently released, together with MITRE, the CWE/SANS Top 25 Most Dangerous Programming Errors, a list of the top 25 mistakes programmers make when creating software. Read it over. Is your proof-of-concept or demo software tested against these rigorous standards? If not, have you budgeted the dollars needed BEFORE you go into full production to evaluate and, if necessary, amend your code to take these issues into account? If not, you might have some 'splainin' to do, as Ricky Ricardo would put it, when your customers' private information is compromised.