Secure Coding mailing list archives
Harvard vs. von Neumann
From: ken at krvw.com (Kenneth Van Wyk)
Date: Fri, 15 Jun 2007 13:25:01 -0400
On Jun 14, 2007, at 3:51 PM, Gary McGraw wrote:
I am in complete agreement with your thinking, which is why one of the touchpoints (and chapter 9 of "Software Security" is about operations. Ken knows more about this than any of us, but he's on a plane now...right Ken?
Wow, I'd stop far short of such strong words, but I have spent a great deal of time in operations land, and I am convinced we're (all) missing out on significant opportunities to enhance our software security by better making use of deployment security, for lack of a better term. I've seen far too many "one size fits all" approaches to software deployments that fall far short of adequately protecting the app, much less enabling the detection and response of issues when they come up. Cheers, Ken P.S. And yes, I was on a plane. Greetings from Lisbon, en route to Sevilla, Spain for the FIRST conference. I'll again toss out the offer to meet with any SC-Lers who are at the conference. ----- Kenneth R. van Wyk SC-L Moderator KRvW Associates, LLC http://www.KRvW.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2454 bytes Desc: not available Url : http://krvw.com/pipermail/sc-l/attachments/20070615/6b3eabc9/attachment.bin
Current thread:
- Harvard vs. von Neumann Gary McGraw (Jun 13)
- Harvard vs. von Neumann James Stibbards (Jun 14)
- Harvard vs. von Neumann Gary McGraw (Jun 14)
- Harvard vs. von Neumann Kenneth Van Wyk (Jun 15)
- Harvard vs. von Neumann Gary McGraw (Jun 14)
- Harvard vs. von Neumann James Stibbards (Jun 14)