Secure Coding mailing list archives

Silver Bullet 68


From: Gary McGraw <gem () cigital com>
Date: Wed, 30 Nov 2011 14:31:47 -0500

hi sc-l,

I am pleased to announce that episode 68 of the Silver Bullet Security Podcast is an interview of Cigital's own John 
Steven.  jOHN (or jS) as he is known around here is a well-respected technologist and software security practitioner.  
He served a stint editing the Building Security In column for IEEE S&P magazine along with Gunnar Peterson.  He is also 
a very active OWASP participant.  I have worked closely with jS for many years and greatly value his insight and 
leadership in software security.

jS and I discuss how software architecture is being pulled by financial services instead of being pushed by technology 
firms, why architecture risk analysis is so important (and so hard to automate), the bias that developers and security 
practitioners show towards security features rather than software security Touchpoints, and enterprise use of static 
analysis tools.

Have a listen: http://www.cigital.com/silverbullet/

As always, your feedback on Silver Bullet is welcome.  This episode's victim in particular was suggested by Kevin Wall.
Who do you want to hear on Silver Bullet?

gem

P.S. Can you tell December starts tomorrow?  I am squeaking past the monthly deadlines with hours to spare this month!

company www.cigital.com
blog www.cigital.com/justiceleague
book www.swsec.com

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________

