Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Darkreading: Secure Coding Certification

From: ljknews at mac.com (ljknews)
Date: Sat, 12 May 2007 08:04:24 -0400
At 11:17 AM -0400 5/11/07, Gary McGraw wrote:


As readers of the list know, SANS recently announced a certification
scheme for secure programming.  Many vendors and consultants jumped
on the bandwagon.  I'm not so sure the bandwagon is going anywhere.
I explain why in my latest darkreading column:

http://www.darkreading.com/document.asp?doc_id=123606


Well that page shows up as blank in my browser and shows 637 HTML errors
on http://validator.w3.org,


What do you think?  Can we test someone's software security knowledge with
a multiple choice test?  Anybody seen the body of knowledge behind the test?


but based on biases I see on this list, I tend to believe that those
who make such a certification scheme would bias it toward:

        Programming done in C and derivative languages (C++, Java, etc.)

        Programming relying on TCP/IP

neither of which is relevant to my endeavors.
-- 
Larry Kilgallen
Previous By Date Next
Previous By Thread Next

Current thread: