The same vulnerabilities continue to appear in code, over and over again, yet many educational institutions continue to teach programming as they always have. Some high-tech companies have found it necessary to establish ongoing security training for their developers to make up for the absence of college-level, secure coding curriculum. Recently, the thread model, which integrates security concepts into existing computing curricula, has been recognized as effective to transform education in secure software, while not impacting resource-limited institutions with a complete curriculum change.