The comments of Dennis Devlin of Thomson at a Microsoft .NET demonstration served to highlight the need to eliminate the gulf between development and security priorities in eXtensible Markup Language (XML) development projects. XML speeds application integration and implementation, but cannot provide per-platform application environments with the services that most application developers depend on. Transporting XML and Web services over high-level protocols such as Hypertext Transfer Protocol (HTTP) also increases the difficulty of routing, distinguishing, and filtering messages that use advanced addressing schemes. Application developers and security experts therefore often share the goal of improving enterprise performance, but are stymied by disparate concerns. Developers want speed of development, and security professionals want applications and services to be recoded as infrequently as possible. The development team focuses on reuse, which greatly increases the workload of the security team. There is therefore a need for security specialists. Another difficulty is that security professionals and application developers are not evaluated on the same criteria. Developers are paid for speed of development and for producing code that increases competitive advantage, while security professionals' evaluations are tied to their ability to prevent, detect, and resolve security issues while minimizing enterprise risk as a whole. An XML environment can be deployed that provides some described functions for translating between application development, security, and operational needs. Among the eight requirements listed is the enablement of hot updating of services, connections, and policies, in addition to rollback.