"Applications will have to defend themselves from attack in the future, according to Oracle's chief security officer Mary Ann Davidson.
At the opening keynote of the AusCERT 2007 conference last week, Davidson said applications should be more like US Marines.
"Every Marine fights--whether you are a clerk or a medic, every Marine is first and foremost a Marine, which means they know how to defend themselves. This is an ethos I really think we are going to need in this new world."
I don't get this, software applications cannot defend itself otherwise they would not be the applications originally written in the first place. i.e. if Oracle SSO is a single sign on software would it then also have to be an application IDS? - I beleive that software should be written to standards also to secure coding standards and ideally be well tested and as bug free as possible. Thats a goal, it doesnt mean that it defends itself. each to their own view though..:-)