Secure Coding mailing list archives
Re: "Building" conferences (was: informIT: Building versus Breaking)
From: Gary McGraw <gem () cigital com>
Date: Fri, 2 Sep 2011 15:52:25 -0400
hi sc-l, This minor flame war reminds me of the '80s! Hurray. I have worked hard to inject software security (the building kind) into two conferences: The first was the SD West/SD East set of shows where I started a software security track, did a keynote, invited Schneier to speak, etc. The track was a great success as were the "big talks", but the shows were killed when IDC went down (or was absorbed by UBC). Software Development magazine disappeared or was absorbed into Dr Dobbs at the same time and we had a software security column going there too. Alas. The second involves working on making the RSA Conference "application security" track as strong as possible (and about building versus breaking). I am on the PC of RSA for the second year running. This will be a multi-year project, I'm sure. This doesn't really count, but we have a BSIMM Conference every year as well where the 42 companies participating in the BSIMM project get together to talk software security initiative shop talk. There are no plans to make that into a public conference. gem From: Martin Gilje Jaatun <secse-chair () sislab no<mailto:secse-chair () sislab no>> Date: Fri, 2 Sep 2011 04:59:59 -0400 To: Secure Code Mailing List <SC-L () securecoding org<mailto:SC-L () securecoding org>> Subject: [SC-L] "Building" conferences (was: informIT: Building versus Breaking) Karen Goertzel wrote:
There are these: ISC(2) Secure Software Conference Series - > https://www.isc2.org/PressReleaseDetails.aspx?id=650 ESSoS - http://distrinet.cs.kuleuven.be/events/essos/2012/ SecSE - http://www.sintef.org/secse SSIRI - http://paris.utdallas.edu/ssiri11/
All conferences are not created equal - ESSOS, SecSE and SSIRI are all academic, peer-reviewed conferences/workshops, and probably do not have the same "sex appeal" as BlackHat. Even in academic communities it seems that there are few that appreciate the difference between "security features" and "secure features" (judging by some submissions we get to SecSE). [...]
conferences. I'm in the process of updating some research on how and where software security assurance is being taught by colleges and universities, and what I'm finding is that the topic has been pretty much marginalised into an aspect of information assurance - i.e., it's being taught mostly to postgraduates who are majoring in IA and
I think you're right - to take our local university, NTNU; they have a course on software security, but it's an elective offered to postgraduates in the final year before they start their MSc thesis, which probably means that only those students who already have a special interest in security will choose it. -Martin _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- informIT: Building versus Breaking Gary McGraw (Aug 31)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Aug 31)
- Re: informIT: Building versus Breaking Steven M. Christey (Sep 01)
- Re: informIT: Building versus Breaking Goertzel, Karen [USA] (Sep 01)
- Re: informIT: Building versus Breaking James Walden (Sep 05)
- Re: informIT: Building versus Breaking Jeffrey Walton (Sep 05)
- Re: informIT: Building versus Breaking Jeremy Epstein (Sep 05)
- Re: informIT: Building versus Breaking Steven M. Christey (Sep 01)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Aug 31)
- Re: informIT: Building versus Breaking Chris Schmidt (Sep 01)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Sep 01)
- "Building" conferences (was: informIT: Building versus Breaking) Martin Gilje Jaatun (Sep 05)
- Re: "Building" conferences (was: informIT: Building versus Breaking) Gary McGraw (Sep 05)
- Re: informIT: Building versus Breaking Sergio 'shadown' Alvarez (Sep 01)
- Re: informIT: Building versus Breaking Tom Brennan (Sep 05)
- <Possible follow-ups>
- Re: informIT: Building versus Breaking Rafal (Sep 05)
- Re: informIT: Building versus Breaking Goertzel, Karen [USA] (Sep 05)
- Re: informIT: Building versus Breaking Chris Schmidt (Sep 05)
- Re: informIT: Building versus Breaking Goertzel, Karen [USA] (Sep 05)