Secure Coding mailing list archives
Re: SearchSecurity: Cyber Security and the Law
From: Lucas Ferreira <lucas.ferreira () gmail com>
Date: Thu, 9 Aug 2012 13:18:30 -0400
All, OWASP has a document which was targeted at the Brazilian government at first and then translates into English. It contains several proposals of government actions to improve the application security (and information security) landscape. The English version is available here: https://www.owasp.org/index.php/OWASP_Brasil_Manifesto/en The original version is here: https://www.owasp.org/index.php/OWASP_Brasil_Manifesto Hope this fits as concrete proposals. ;-) Regards, Lucas On Thu, Aug 9, 2012 at 10:45 AM, Iván Arce <ivan.w.arce () gmail com> wrote:
Gary, Could you elaborate a bit more? Specifically, what kind of incentives you have in mind? How would they work? The debate about what to do to improve software security at a national or larger scale is mostly populated with abstractions and generic ideas but the enumeration and description of concrete, specific measures to deploy is notably scant. -ivan On 8/3/12 9:32 AM, Gary McGraw wrote:hi greg, Good question. I'm biased of course, but I think a BSIMM type measurement is the best way to approach this. (See http://bsimm.com.) However, regardless of measurement I strongly believe that incentives are way better than regulations and penalties._______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
-- Homo sapiens non urinat in ventum. _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Jeffrey Walton (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Greg Beeley (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 08)
- Re: SearchSecurity: Cyber Security and the Law Iván Arce (Aug 09)
- Re: SearchSecurity: Cyber Security and the Law Lucas Ferreira (Aug 09)
- Re: SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Iván Arce (Aug 08)
- Re: SearchSecurity: Cyber Security and the Law Jeffrey Walton (Aug 02)