Secure Coding mailing list archives
quick question - SXSW
From: gem at cigital.com (Gary McGraw)
Date: Wed, 12 Mar 2008 20:06:12 -0400
Hi again, I rebooted the security track completely at SD West in 2003 (thanks to tami who I cc'ed here). I'm on the advisory board. We're slowly inching our way toward SDL/touchpoints/CLASP stuffs at SD West, though when I tried to cover the touchpoints and enterprise security in 2006, interest was weak. After 5 years of pounding we're getting there though! My suggestion? Get involved organizing these conferences and helping with thought leadership. And just for the record, having your PR dingbats submit (stupid)marketing talks does not count. Others getting the same treatment; SD Best Practices STAR West Better Software MISTI CSI NDSS Usenix security Rock on gem ----- Original Message ----- From: Andy Steingruebl <steingra at gmail.com> To: Gary McGraw Cc: list-spam at secureconsulting.net <list-spam at secureconsulting.net>; SC-L at securecoding.org <SC-L at securecoding.org> Sent: Wed Mar 12 19:35:35 2008 Subject: Re: [SC-L] quick question - SXSW On Wed, Mar 12, 2008 at 4:30 PM, Gary McGraw <gem at cigital.com> wrote:
Hey andy, You mean AJAX one? Last time I went there was zero interest and even less clue about security among attendees. The only shining light was a long conversation I had with bill joy about security critical decisions those guys screwed up with Java (especially with regards to closure).
A decade of evangelism only goes so far! Do help!
Fair enough :) I was looking at the program for the just finished SD West and the security track actually looks to have been pretty good. I think one thing we're missing from there is more emphasis on actual SDL process, rather than focus on individual items within it. Activities like how to form a steering group within a company, how to bootstrap some of the practices, etc. Do folks here have suggestions of conferences we ought to be targeting with these sorts of presentations, papers, etc? JavaOne seems like it might have been a good place to target. There are some smaller developer conferences out there, some general security conferences, and there has been discussion here and within OWASP as well of how we can start better targeting these forums for our evangelizing... Thoughts? -- Andy Steingruebl steingra at gmail.com
Current thread:
- quick question - SXSW, (continued)
- quick question - SXSW Benjamin Tomhave (Mar 12)
- quick question - SXSW Arian J. Evans (Mar 12)
- quick question - SXSW Mike Lyman (Mar 14)
- quick question - SXSW Arian J. Evans (Mar 14)
- quick question - SXSW Gary McGraw (Mar 14)
- quick question - SXSW Arian J. Evans (Mar 13)
- quick question - SXSW Andrew van der Stock (Mar 26)
- quick question - SXSW Andy Steingruebl (Mar 12)