Secure Coding mailing list archives

quick question - SXSW


From: list-spam at secureconsulting.net (Benjamin Tomhave)
Date: Tue, 11 Mar 2008 09:43:16 -0400 (EDT)

I had just a quick query for everyone out there, with an attached thought.

How many security and/or secure coding professionals are prevalently
involved with the SXSW conference this week? I know, I know... it's a big
party for developers - particularly the Web 2.0 clique - but I'm just
curious.

Here's why: I'm increasingly frustrated by the disconnect between
business/dev and security. I don't feel like we're being largely
successful in getting the business and developers to include security as
part of their standard operating procedures. Developers are still
oftentimes lazy and sloppy, creating XSS and CSRF and SQL injection holes.

I then look at SXSW from afar and think: a) shouldn't I be there
evangelizing security? and, b) shouldn't a major thread to all these
conferences be about how security is integrating with dev processes and
practices, making it better?

Maybe I'm just too idealist. I'm curious what everyone else thinks.

cheers,

-ben

-- 
Benjamin Tomhave, MS, CISSP
falcon at secureconsulting.net
LI: http://www.linkedin.com/in/btomhave
Blog: http://www.secureconsulting.net/
Photos: http://photos.secureconsulting.net/
Web: http://falcon.secureconsulting.net/

"In answer to the question of why it happened, I offer the modest proposal
that our Universe is simply one of those things which happen from time to
time."
Edward P. Tryon



