ABSTRACT

In this chapter, we would like to introduce you to Brook Schoenfield. He is a true thought leader and a well-respected software and enterprise security architect. Because of Brook’s extensive experience as a software security architect, we have asked him to write this chapter. We believe this topic to be the most difficult and critical part of the SDL, and it requires a seasoned software security architect’s point of view to lend credibility to the solutions proposed. Brook has been a co-worker and great friend of ours for several years and has experienced the same challenges that we have in building, mentoring, managing, and providing technical leadership to both large and small software and enterprise security programs. The following chapter is the result of Brook’s many years of experience with what works, what doesn’t work, and, most importantly, what should work to secure software during development. The model presented in this chapter is also the result of many months of brainstorming between James and Brook. As part of our introduction to Brook, we are including an overview of his background below.