Secure Coding mailing list archives
New IEEE Security & Privacy Department: help wanted
From: "Gary McGraw" <gem () cigital com>
Date: Wed, 18 Feb 2004 00:57:12 +0000
Hi all, There is a new magazine called IEEE Security & Privacy magazine that some of you may already be enjoying. See <http://www.computer.org/security/>. The magazine is more academic than the usual trade rag, and thereby purports to have some modicum of realism in its coverage of the security space. Last year, I was editor of the "On the Horizon" department which covered software security in a few of its articles (see, for example, the report from the DIMACS software security workshop). This year I am starting a new department called "Building Security In". This Department will be a series of articles on software security best practices. I am kicking the column off with an article called "software Security" that you can find here: http://www.cigital.com/papers/download/software-security-gem.pdf Please note that this article is copyright (c) by the IEEE. It will be published in Volume 2, Number 2 (March/April). I am making it available to you IN ADVANCE in order to spark interest in the Department and to ask for your help as software security people. If you desire to co-author an article on a best practice with me, please get in touch ASAP (after reading the first article, of course). The next edition is already slated for "Abuse Cases" which I have written with Paco Hope and Annie Anton. After that, many best practices await coverage! If you have comments about which best practices are most important to you, or which I left out, or why the Common Criteria is the most amazing software security panacea, or why the Orange Book is orange, I am all ears! Fire away. gem Gary McGraw, Ph.D. CTO, Cigital http://www.cigital.com ---------------------------------------------------------------------------- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. ----------------------------------------------------------------------------
Current thread:
- New IEEE Security & Privacy Department: help wanted Gary McGraw (Feb 17)