Secure Coding mailing list archives
Re: informIT: Building versus Breaking
From: "Goertzel, Karen [USA]" <goertzel_karen () bah com>
Date: Thu, 1 Sep 2011 16:41:47 +0000
There are these: ISC(2) Secure Software Conference Series - https://www.isc2.org/PressReleaseDetails.aspx?id=650 ESSoS - http://distrinet.cs.kuleuven.be/events/essos/2012/ SecSE - http://www.sintef.org/secse SSIRI - http://paris.utdallas.edu/ssiri11/ But your point is taken. Most of the conferences in this domain appear to be outside the U.S. I'm not sure what THAT says about U.S. attitudes about software assurance (though I have my suspicions). More important is the question of who actually attends these conferences. I'm in the process of updating some research on how and where software security assurance is being taught by colleges and universities, and what I'm finding is that the topic has been pretty much marginalised into an aspect of information assurance - i.e., it's being taught mostly to postgraduates who are majoring in IA and related disciplines - rather than an aspect of software development. There are exceptions, of course - but by and large that seems to be the trend. And I think the same is true of the conferences. It's the security wonks who care about software assurance much more than the actual software developers. Take a look at: http://zastita.com/index.php?det=64494 === Karen Mercedes Goertzel, CISSP Booz Allen Hamilton 703.698.7454 goertzel_karen () bah com Sorry, you have reached an imaginary number. If you require a real number, please rotate your phone by ninety degrees and try again. ________________________________________ From: sc-l-bounces () securecoding org [sc-l-bounces () securecoding org] on behalf of Steven M. Christey [coley () linus mitre org] Sent: 31 August 2011 16:45 To: Sergio 'shadown' Alvarez Cc: Adam Shostack; Secure Code Mailing List Subject: Re: [SC-L] informIT: Building versus Breaking While I'd like to see Black Hat add some more defensive-minded tracks, I just realized that this desire might a symptom of a larger problem: there aren't really any large-scale conferences dedicated to defense / software assurance. (The OWASP conferences are heavily web-focused; Dept. of Homeland Security has its software assurance forum and working groups, but those are relatively small.) If somebody built it, would anybody come? - Steve _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________ _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- informIT: Building versus Breaking Gary McGraw (Aug 31)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Aug 31)
- Re: informIT: Building versus Breaking Steven M. Christey (Sep 01)
- Re: informIT: Building versus Breaking Goertzel, Karen [USA] (Sep 01)
- Re: informIT: Building versus Breaking James Walden (Sep 05)
- Re: informIT: Building versus Breaking Jeffrey Walton (Sep 05)
- Re: informIT: Building versus Breaking Jeremy Epstein (Sep 05)
- Re: informIT: Building versus Breaking Steven M. Christey (Sep 01)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Aug 31)
- Re: informIT: Building versus Breaking Chris Schmidt (Sep 01)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Sep 01)
- "Building" conferences (was: informIT: Building versus Breaking) Martin Gilje Jaatun (Sep 05)
- Re: "Building" conferences (was: informIT: Building versus Breaking) Gary McGraw (Sep 05)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Sep 01)
- Re: informIT: Building versus Breaking Tom Brennan (Sep 05)