Secure Coding mailing list archives
Secure Programming with Static Analysis
From: gem at cigital.com (Gary McGraw)
Date: Mon, 9 Jul 2007 21:51:47 -0400
Both good ideas. Feel free to ping your friends and enemies with the URL. I would like to see an in depth book on each of the touchpoints. So far, the chess/west book covers code review. My next choice would be a book on architectural risk analysis. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com Sent from my treo. -----Original Message----- From: McGovern, James F (HTSC, IT) [mailto:James.McGovern at thehartford.com] Sent: Monday, July 09, 2007 03:00 PM Eastern Standard Time To: sc-l at securecoding.org Subject: Re: [SC-L] Secure Programming with Static Analysis If you are seeking additional book ideas for this series, may I suggest posting to computerbookauthors at yahoogroups.com? There are two books that I would love to see: - Designing Secure Software - Not everything is about the code - Procuring Secure Software - Most enterprises nowadays buy software vs build it -----Original Message----- From: sc-l-bounces at securecoding.org [mailto:sc-l-bounces at securecoding.org] On Behalf Of Gary McGraw Sent: Thursday, July 05, 2007 9:01 AM To: 'Brian Chess'; 'sc-l at securecoding.org' Subject: Re: [SC-L] Secure Programming with Static Analysis Hi sc-l, I have read this awesome book (more than once) and can vouch for it. It is an important part of the addison-wesley software security series, the series that includes: Software Security www.swsec.com Rootkits Exploiting Software Building Secure Software (and any day now Exploiting Online Games) For more on the series, see www.buildingsecurityin.com. We are always on the lookout for more titles for the series, especially if they dive deeply into one of the seven touchpoints, so if you have a book idea please let me know. Meanwhile, click on this link and buy Brian and Jacob's book: http://www.amazon.com/dp/0321424778 gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com ************************************************************************* This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. ************************************************************************* _______________________________________________ Secure Coding mailing list (SC-L) SC-L at securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
Current thread:
- Secure Programming with Static Analysis Brian Chess (Jul 04)
- <Possible follow-ups>
- Secure Programming with Static Analysis Gary McGraw (Jul 05)
- Secure Programming with Static Analysis McGovern, James F (HTSC, IT) (Jul 09)
- Secure Programming with Static Analysis Julie Ryan (Jul 09)
- Secure Programming with Static Analysis McGovern, James F (HTSC, IT) (Jul 09)
- Secure Programming with Static Analysis Gary McGraw (Jul 09)