Funny, isn't that the problem?
Last week the company offered a four-day course on information security
stake</a> condensed into two days. The material was good and the pace, given the usual for courses, great. The majority of the attendees were current security people, so the subject was old hat for most of them (or should be!) and would be for anyone else who follows bugtraq, but for the target audience of application programmers it should be great or at least very enlightening. Now, the amusing thing. While experimenting with one of the commercial stake
tools we found a bug to which the instructor remarked that you sometimes
find these in early releases. He noted that the guys who develop the
tools are expert in multiple areas and very good a breaking things but
not so hot at QA testing. Funny, isn't that the problem?