Secure Coding mailing list archives
Information Security Mag: Vendor Control and Software Security
From: Gary McGraw <gem () cigital com>
Date: Tue, 5 Feb 2013 20:12:20 -0500
hi sc-l, My monthly column [in]security is sometimes published as part of Information Security Magazine. That's what happened with this column I wrote way back in December. It is appearing in the Feb/Mar issue of ISM. And here it is on the intarwebs. This article suggests combining at least two measurements: 1) process measurement with vBSIMM and 2) application measurement with binary, static, or hybrid analysis. This article begins to explain to the general security practitioner (think network security person) how that all works: http://bit.ly/Y8UeIb Please read this and pass it on. I am interested in hearing your thoughts. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- Information Security Mag: Vendor Control and Software Security Gary McGraw (Feb 07)