No, they're saying security work happens in the Windows world but not as much in the open, due to the closed source nature.