Secure Coding mailing list archives
Re: informIT: vBSIMM (BSIMM for Vendors)
From: Tom Brennan <tomb () owasp org>
Date: Wed, 13 Apr 2011 02:47:43 -0400
Think we have a updated topic panel for JPMC OWASP Event in NYC https://www.owasp.org/index.php/NYNJMetro Sent from a mobile device On Apr 12, 2011, at 7:38 PM, "Kevin W. Wall" <kevin.w.wall () gmail com> wrote:
On 04/12/2011 04:32 PM, James Manico wrote:Hi Gary, You may wish to consider the OWASP Legal Project at https://www.owasp.org/index.php/Category:OWASP_Legal_Project which is a positive, free, and open resource to assist in building legal contractal agreements around software security with your vendors. The state of NY procurement and others have been using this material as a basis for vendor contract language for years.Along the same lines, the SANS Institute has formulated their "Application Security Procurement Language" <http://www.sans.org/appseccontract/> While IANAL seems to be heavily borrowed (with proper acks) from the OWASP Legal Project. -kevin -- Kevin W. Wall "The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We cause accidents." -- Nathaniel Borenstein, co-creator of MIME _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- informIT: vBSIMM (BSIMM for Vendors) Gary McGraw (Apr 12)
- Re: informIT: vBSIMM (BSIMM for Vendors) James Manico (Apr 12)
- Re: informIT: vBSIMM (BSIMM for Vendors) Kevin W. Wall (Apr 12)
- Re: informIT: vBSIMM (BSIMM for Vendors) Tom Brennan (Apr 13)
- Re: informIT: vBSIMM (BSIMM for Vendors) Kevin W. Wall (Apr 12)
- Re: informIT: vBSIMM (BSIMM for Vendors) Steven M. Christey (Apr 12)
- Re: informIT: vBSIMM (BSIMM for Vendors) James Manico (Apr 12)