Secure Coding mailing list archives
BSIMM update (informIT)
From: gem at cigital.com (Gary McGraw)
Date: Thu, 28 Jan 2010 10:34:30 -0500
hi sc-l, David Rice (author of Geekonomics) is chairing the SANS software security summit in San Francisco next week. As part of the publicity leading up to that event we did a webcast last Friday. For those of you who were not able to attend the webcast, we captured the audio and video and are hosting that here: http://www.cigital.com/justiceleague/2010/01/28/bsimm-update/ Among other things, David and I discussed the difference between descriptive models like BSIMM and prescriptive models which purport to tell you what you should do. I just wrote an article about that for informIT. The title is "Cargo Cult Computer Security: Why we need more description and less prescription." http://www.informit.com/articles/article.aspx?p=1562220 Hope to see some of you in San Francisco. gem company www.cigital.com podcast www.cigital.com/silverbullet book www.swsec.com
Current thread:
- BSIMM update (informIT) Gary McGraw (Jan 28)
- BSIMM update (informIT) Steven M. Christey (Jan 28)
- BSIMM update (informIT) Kenneth Van Wyk (Feb 03)
- BSIMM update (informIT) McGovern, James F. (eBusiness) (Feb 04)
- BSIMM update (informIT) Brian Chess (Feb 04)
- BSIMM update (informIT) Gary McGraw (Feb 04)
- BSIMM update (informIT) McGovern, James F. (eBusiness) (Feb 04)
- BSIMM update (informIT) McGovern, James F. (eBusiness) (Feb 04)
- <Possible follow-ups>
- BSIMM update (informIT) Wall, Kevin (Feb 02)
- BSIMM update (informIT) Steven M. Christey (Feb 02)
- BSIMM update (informIT) Gary McGraw (Feb 03)
- BSIMM update (informIT) Mike Boberski (Feb 03)
- BSIMM update (informIT) Steven M. Christey (Feb 02)