Microsoft Trusted Stack: The Software Stack

Trust in Software is difficult. From a comercial applications perspective it is actually very easy but more difficult to achieve when using smaller software vendors who may not have the budget, facilities or resources to us the arsenal of software testing and application penetration tools that can make for safer coding.

This problem is further exacerbated by the easy download ability and easy use of applets from social network sites such as Facebook. The creators of these applets more than likely haven’t run their applications through software security and assurance programs because of the cost involved and delays in time to market.

I suspect if application developers were forced down this route we would have substantially less innovation and variety of software applications in the market. In addition the software market would eventually become monopolised by only those who could afford to pay for software assurance, penetration testing and certification services.

Please note that for the purposes of this blog only, my definition of software developers can be anyone from a home user with an interest in programming to powerhouse corporations such as Microsoft, Symantec and Apple.