Having double masters in Software engineering (Pakistan) and Information security (Sweden) , I always think that current strategy of dealing security bugs are wrong. i.e. we are always try to cover the application from outside with IDS/IPS and firewalls.  This has created so great hype that whenever you talked to some C-executive about IT Security he spontaneously imagine "Firewall" back in his mind. .. " Oh you need security go and get a firewall... :))  "

As a software engineer i know the problems lies deeply inside the software , which will not solve by hiding the application with firewall.  It was one of the motive to start a forum "builtinsecurity" (builtinsecurity.org)  to discus application/software security issues with some solutions.

The softwre security market is now passing from an "early adaptor phase" as discussed in the following article . Read here.