The Security Genome Revisited

Dave Aitel quoted my Security Genome post on his Daily Dave mailing list and wrote:

I would posit that no good hacker works alone. The question should be “What makes good teams better than average teams?”.

He’s right, of course. I was barely touching the surface of the scope of things I would like to explore with access to the right resources. Are teams better than individuals? Do two people working together find more bugs peering, or what is the optimal size of a review team? How much faster and better can people be when working together? Are people faster or slower or even better or worse at finding issues in frameworks (.NET, RoR etc.) or dynamic languages?

There really are so many things to explore.

Guess what? I now work for Microsoft, where the psychologist from Bungie quoted in the original Wired article works, so I have mailed him and plan to meet for coffee next week in Redmond to see what I can do to explore setting up some experiments. I’ll post an update on this blog when I know more. I love having access to these sorts of resources. It’s dangerous!

On a side note, I am a bit like a kid in a candy shop this week. Yesterday was my first day at Microsoft and my first time to see the UK campus where I will have a desk. My first impression is that it’s what you would want a really, really well-funded university to be like. There are five really nice modern architecture buildings (one brand new), two nice restaurants, coffee bars and even a wellness center for reflexology and suchlike and a doctor on site twice a week. It looks like a really cool environment to be inspired in. I don’t want to sound like I am drinking the Kool-Aid, but I am really impressed by everything so far, from the recruitment process to the induction presentation and beyond.

I also ordered a stupidly fast new car to deal with the commute. You can even drop your car off under building one and have it valeted (deep cleaned), so I am told! Whatever next?
