InternetNews Realtime IT News - New York Plans Application Security Program

[ken at krvw.com (Kenneth Van Wyk)]

Now here's an interesting development in the software security space.   
Seems that New York State is going to start requiring contracted  
application developers to conform with a minimum set of practices (as  
covered in the SANS "Application Security Procurement Language", http://www.sans.org/appseccontract/) 
.

http://www.internetnews.com/dev-news/article.php/3796091

IMHO, putting things like this into contract language is a good  
thing.  Even if the SANS list isn't the right one for everyone, it's a  
starting point.

Cheers,

Ken

-----
Kenneth R. van Wyk
KRvW Associates, LLC
http://www.KRvW.com





-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2252 bytes
Desc: not available
Url : http://krvw.com/pipermail/sc-l/attachments/20090114/19ca2980/attachment.bin