[SC-L] quick question - SXSW
Andy Steingruebl
steingra at gmail.com
Wed Mar 12 18:35:35 EST 2008
On Wed, Mar 12, 2008 at 4:30 PM, Gary McGraw <gem at cigital.com> wrote:
> Hey andy,
>
> You mean AJAX one? Last time I went there was zero interest and even less clue about security among attendees. The only shining light was a long conversation I had with bill joy about security critical decisions those guys screwed up with Java (especially with regards to closure).
>
> A decade of evangelism only goes so far! Do help!
Fair enough :) I was looking at the program for the just finished SD
West and the security track actually looks to have been pretty good.
I think one thing we're missing from there is more emphasis on actual
SDL process, rather than focus on individual items within it.
Activities like how to form a steering group within a company, how to
bootstrap some of the practices, etc.
Do folks here have suggestions of conferences we ought to be targeting
with these sorts of presentations, papers, etc? JavaOne seems like it
might have been a good place to target. There are some smaller
developer conferences out there, some general security conferences,
and there has been discussion here and within OWASP as well of how we
can start better targeting these forums for our evangelizing...
Thoughts?
--
Andy Steingruebl
steingra at gmail.com
More information about the SC-L
mailing list