Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

New IEEE Security & Privacy Department: help wanted

From: "Gary McGraw" <gem () cigital com>
Date: Wed, 18 Feb 2004 00:57:12 +0000
Hi all,

There is a new magazine called IEEE Security & Privacy magazine that
some of you may already be enjoying.  See
<http://www.computer.org/security/>.  The magazine is more academic than
the usual trade rag, and thereby purports to have some modicum of
realism in its coverage of the security space.  Last year, I was editor
of the "On the Horizon" department which covered software security in a
few of its articles (see, for example, the report from the DIMACS
software security workshop).

This year I am starting a new department called "Building Security In".
This Department will be a series of articles on software security best
practices.  I am kicking the column off with an article called "software
Security" that you can find here:
http://www.cigital.com/papers/download/software-security-gem.pdf

Please note that this article is copyright (c) by the IEEE.  It will be
published in Volume 2, Number 2 (March/April).  I am making it available
to you IN ADVANCE in order to spark interest in the Department and to
ask for your help as software security people.

If you desire to co-author an article on a best practice with me, please
get in touch ASAP (after reading the first article, of course).  The
next edition is already slated for "Abuse Cases" which I have written
with Paco Hope and Annie Anton.  After that, many best practices await
coverage!

If you have comments about which best practices are most important to
you, or which I left out, or why the Common Criteria is the most amazing
software security panacea, or why the Orange Book is orange, I am all
ears!  Fire away.

gem

Gary McGraw, Ph.D.
CTO, Cigital
http://www.cigital.com



----------------------------------------------------------------------------
This electronic message transmission contains information that may be
confidential or privileged.  The information contained herein is intended
solely for the recipient and use by any other party is not authorized.  If
you are not the intended recipient (or otherwise authorized to receive this
message by the intended recipient), any disclosure, copying, distribution or
use of the contents of the information is prohibited.  If you have received
this electronic message transmission in error, please contact the sender by
reply email and delete all copies of this message.  Cigital, Inc. accepts no
responsibility for any loss or damage resulting directly or indirectly from
the use of this email or its contents.
Thank You.
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: