Secure Coding mailing list archives
Reality Check: EMC Eric Baize
From: ken at krvw.com (Kenneth Van Wyk)
Date: Tue, 3 Mar 2009 10:25:52 +0100
On Mar 3, 2009, at 10:11 AM, Gary McGraw wrote:
Our fearless leader Ken gave a nice presentation on software security methodologies yesterday at secappdev. I wonder what he says about the Touchpoints when I'm not in the room?!
Thanks for the kind words. What I say about the Touchpoints, Microsoft's SDL, or OWASP's CLASP remains the same whether you're in the room or not. They all offer good points and bad points. I tend to favor a hybrid approach that works well for me, which is what I always recommend to my customers. More importantly, though, I am eager to update the message with what the companies who participated in the BSIMM are actually doing in practice. Cheers, Ken ----- Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2252 bytes Desc: not available Url : http://krvw.com/pipermail/sc-l/attachments/20090303/93cdee93/attachment.bin
Current thread:
- Reality Check: EMC Eric Baize Gary McGraw (Mar 03)
- Reality Check: EMC Eric Baize Kenneth Van Wyk (Mar 03)
- Reality Check: EMC Eric Baize Gary McGraw (Mar 03)
- Reality Check: EMC Eric Baize Kenneth Van Wyk (Mar 03)