[SC-L] (fwd) informIT: A Software Security Framework
Kenneth Van Wyk
ken at krvw.com
Wed Oct 15 08:31:36 EDT 2008
[Posted on behalf of Gary McGraw, who is without comms right now but
wanted this to go out today. KRvW]
hi sc-l,
Brian Chess and I have been working hard on a software security
framework that we are using in a scientific study of many of the top
software security initiatives. Our plan of action is to interview the
people running the top ten large-scale software security initiatives
over the next few weeks and then build a maturity model with the
resulting data.
That's right, we're actually using real data from real software
security programs.
Brian and I co-authored my informIT column this month, which just so
happens to be about the software security framework. Please check it
out, we're interested to know what you think!
http://www.informit.com/articles/article.aspx?p=1271382
gem
company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com