Secure Coding mailing list archives
(fwd) informIT: A Software Security Framework
From: ken at krvw.com (Kenneth Van Wyk)
Date: Wed, 15 Oct 2008 08:31:36 -0400
[Posted on behalf of Gary McGraw, who is without comms right now but wanted this to go out today. KRvW] hi sc-l, Brian Chess and I have been working hard on a software security framework that we are using in a scientific study of many of the top software security initiatives. Our plan of action is to interview the people running the top ten large-scale software security initiatives over the next few weeks and then build a maturity model with the resulting data. That's right, we're actually using real data from real software security programs. Brian and I co-authored my informIT column this month, which just so happens to be about the software security framework. Please check it out, we're interested to know what you think! http://www.informit.com/articles/article.aspx?p=1271382 gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2252 bytes Desc: not available Url : http://krvw.com/pipermail/sc-l/attachments/20081015/e0bfbc03/attachment.bin
Current thread:
- (fwd) informIT: A Software Security Framework Kenneth Van Wyk (Oct 15)
- (fwd) informIT: A Software Security Framework McGovern, James F (HTSC, IT) (Oct 15)
- (fwd) informIT: A Software Security Framework Kenneth Van Wyk (Oct 16)
- The CERT C Secure Coding Standard Robert Seacord (Oct 19)
- FINAL NOTICE: OWASP Portugal EU Summit Dave Wichers (Oct 27)
- The CERT C Secure Coding Standard Robert Seacord (Oct 19)
- <Possible follow-ups>
- (fwd) informIT: A Software Security Framework Gary McGraw (Oct 15)