informIT: Technology transfer

[Gary McGraw <gem () cigital com>]

hi sc-l,

> From time to time a thread or two has popped up on this list discussing how we get software security into the main 
> stream.  One obvious way to do this is through technology transfer.  I am particularly proud of the role that Cigital 
> has played getting security-focused static analysis out into the "main stream."  Now that IBM owns Ounce and HP owns 
> Fortify we should see significant uptake of the technology worldwide.

My informIT column this month is a case study that follows a technology from Cigital Labs, through Kleiner Perkins and 
Fortify to the mainstream.  As you will see, technology transfer is hard and it takes serious time and effort.  In the 
case of code scanning technology, the effort took two companies, millions of dollars, serious silicon valley 
engineering and ten years.

Read all about it here: <http://www.informit.com/articles/article.aspx?p=1648912>

Your comments and feedback are welcome.

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________