Is Adobe Finally Taking Security Seriously?

Is Adobe recognizing that it plays an important function in many business operations and quicker response times are vital?

 By Sue Poremba | Posted Jun 24, 2010
Page of   |  Back to Page 1
Print ArticleEmail Article

Adobe has had its share of security problems lately -- I guess it shouldn't be a surprise that McAfee predicted Adobe would be a top target for hackers in 2010.

It's a reminder that no one is safe in today's environment. Adobe was safe and secure for such a long time, but in an Information Security article, Adobe's Brad Arkin was quoted:

There are definitely a lot of bad guys out there who make a living attacking software. … They started by attacking Microsoft, now they're attacking Adobe too. We're definitely in the spotlight.

Part of the problem has been Adobe's slow response to security flaws. Is that changing?

Last year Adobe created its Secure Product Lifecycle (SPLC), which, according to the Information Security article:

includes an 80-point security plan for every product, security training and certification for engineers, and a culture of security largely based on the company's training program, have yielded more secure products, he said. The company's four-tier training program, which launched in early 2009, begins with computer-based training, but to achieve the third level (a "brown belt") an engineer must create a project and finish it in six months, while the fourth level (a "black belt") requires coordination of brown-belt projects.

Also, Adobe's Product Security blog reported an accelerated security update, pushing updates to June 29 rather than waiting for the normal quarterly release on July 13.

Hopefully this is recognition on Adobe's part that the company plays an important function in many business operations and that increased security measures -- particularly quicker response times to flaws and vulnerabilities -- is vital.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter

By submitting your information, you agree that enterprisenetworkingplanet.com may send you ENTERPRISENetworkingPLANET offers via email, phone and text message, as well as email offers about other products and services that ENTERPRISENetworkingPLANET believes may be of interest to you. ENTERPRISENetworkingPLANET will process your information in accordance with the Quinstreet Privacy Policy.