[SC-L] InternetNews Realtime IT News - New York Plans Application Security Program
Kenneth Van Wyk
ken at krvw.com
Wed Jan 14 12:08:32 EST 2009
Now here's an interesting development in the software security space.
Seems that New York State is going to start requiring contracted
application developers to conform with a minimum set of practices (as
covered in the SANS "Application Security Procurement Language", http://www.sans.org/appseccontract/)
.
http://www.internetnews.com/dev-news/article.php/3796091
IMHO, putting things like this into contract language is a good
thing. Even if the SANS list isn't the right one for everyone, it's a
starting point.
Cheers,
Ken
-----
Kenneth R. van Wyk
KRvW Associates, LLC
http://www.KRvW.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2252 bytes
Desc: not available
Url : http://krvw.com/pipermail/sc-l/attachments/20090114/19ca2980/attachment.bin
More information about the SC-L
mailing list