Will Kruse (BS, ISST '05) is a software security consultant for Cigital where he performs a variety of security assessments for clients. These range from C/C++/Java code reviews, to architectural analyses, to enterprise software security assessments. Cigital's mantra is that "software must work" and security is just one piece of this puzzle; consequently, Will has been exposed to the broader world of software quality, including testing, requirements, and software development process.

Software security is a very broad subject and consequently Will has found many of the topics covered in his courses to be useful. The basic computer science courses are necessary to understand the core formal principles which will make or break software security and quality. At the same time, the development experience is essential in order to effectively and knowledgably read, critique, and suggest corrections to code.

By the same token, the series of courses (CS 230, 330, and 432) that address web applications and databases have been very useful to Will because these technologies are so widely-deployed. Will has found that applications implemented with these technologies often provide fascinating illustrations of the canonical software security vulnerabilities. As a consultant, he has discovered many of these vulnerabilities and guided clients through a remediation process.

Aside from the highly technical courses, Will has found immense value in being able to understand the implications of the security and quality issues he uncovers. Will has found that courses like INFO 515 and LAW 410 help dispel the fear, uncertainty, and doubt that often surrounds technical risks by allowing him to connect these risks to their business implications.