Secure Coding mailing list archives
top 10 software security surprises
From: gem at cigital.com (Gary McGraw)
Date: Tue, 16 Dec 2008 13:25:03 -0500
hi sc-l,

Using the software security framework introduced in October (A Software Security Framework: Working Towards a Realistic Maturity Model <http://www.informit.com/articles/article.aspx?p=1271382>), we interviewed nine executives running top software security programs in order to gather real data from real programs. Our goal is to create a maturity model based on these data, and we're busy working on that (stay tuned here for more).

However, in the course of analyzing the data we gathered, we unearthed some surprises that we share in this month's informIT article: http://www.informit.com/articles/article.aspx?p=1315431

My bet is that some of the findings will come as a surprise to sc-l readers as well. Check the article out.

Merry New Year to you all.

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com