Secure Coding mailing list archives
Perspectives on Code Scanning
From: gunnar at arctecgroup.net (Gunnar Peterson)
Date: Thu, 07 Jun 2007 17:44:37 -0500
and that's the problem. the accountability for insecure coding should reside with the developers. it's their fault [mostly].
I find it fascinating that an industry like security, that has delivered a grand total of TWO working mechanisms[1] over several decades of effort, is so willing to throw others under the bus. Methinks they doth protesteth too much and all that...

Instead it would be more productive for security to roll up their collective sleeves and help build better tools and services.

1. Get proactively involved in the SDL, tomorrow if not sooner: http://www.cigital.com/justiceleague/2007/05/24/sdlc-on-the-shoulders-of-giants/
2. Make sure that involvement is pragmatic, and helps the enterprise make the hard decisions to improve things instead of standard IT Security CYA: http://1raindrop.typepad.com/1_raindrop/2007/06/cost_effective_.html

-gp

[1] "one being the reference monitor and the other crypto" blaine burnham