Everybody makes mistakes. It’s no surprise that this statement applies to software development, too. When you deal with information security it is easy to play the blame game and say that the application developers must take care to avoid making mistakes. But how does software development work? What are the processes? What can go wrong? Answering these questions will give you an insight into ways to avoid being bitten by bugs.
Peter af Geijerstam of Factor 10 talked about security mistakes in software development in his presentation held at the DeepSec 2013 conference. We recommend his presentation for everyone dealing with information security, not just software developers.