Secure Coding mailing list archives
Darkreading: compliance
From: gem at cigital.com (Gary McGraw)
Date: Mon, 12 Mar 2007 17:38:09 -0400
Maybe it depends on the vertical? What vertical(s) did you find it a distraction in? gem -----Original Message----- From: Michael Silk [mailto:michaelslists at gmail.com] Sent: Mon Mar 12 17:34:56 2007 To: Gary McGraw Cc: SC-L at securecoding.org Subject: Re: [SC-L] Darkreading: compliance On 3/13/07, Gary McGraw <gem at cigital.com> wrote:
hi sc-l, this month's darkreading column is about compliance. my own belief is that compliance has really helped move software security forward. in particular, sox and pci have been a boon: http://www.darkreading.com/document.asp?doc_id=119163 what do you think? have compliance efforts you know about helped to forward software security?
no. my feeling is that it focuses management on unimportant things like meeting checkpoints rather then actually doing useful things. gem
company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com ---------------------------------------------------------------------------- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. ---------------------------------------------------------------------------- _______________________________________________ Secure Coding mailing list (SC-L) SC-L at securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
-- mike 00110001 <3 00110111 ---------------------------------------------------------------------------- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. ----------------------------------------------------------------------------
Current thread:
- Darkreading: compliance Gary McGraw (Mar 12)
- Darkreading: compliance bugtraq at cgisecurity.net (Mar 12)
- Darkreading: compliance Michael Silk (Mar 12)
- Darkreading: compliance Steven M. Christey (Mar 12)
- Darkreading: compliance Bruce Ediger (Mar 13)
- Darkreading: compliance Benjamin Tomhave (Mar 30)
- Darkreading: compliance ljknews (Mar 30)
- <Possible follow-ups>
- Darkreading: compliance Gary McGraw (Mar 12)
- Darkreading: compliance Gary McGraw (Mar 13)
- Darkreading: compliance Michael Silk (Mar 13)