Design flaws account for 50% of security problems. You can’t find design defects by staring at code—a higher-level understanding is required. That’s why architectural risk analysis plays an essential role in any solid software security program. Find out more about architectural risk analysis in this sample chapter. Also, Matthew Heusser and Sean McMillan are convinced that it takes smart people to develop good software that makes money. Where do you find smart people? You don’t find them; you make them! Matt and Sean provide some fundamental rules for doing just that.