An Opportunity to Influence the Art of Secure Software Development

Until the end of July, all who have a passion for software assurance can turn their passion into an opportunity to influence the content of one of the foremost reference documents on the topic. The first version of the report “Fundamental Practices for Secure Software Development”, published by the Software … READ MORE

Eric Baize July 8th, 2009

A Security Engineering Training Framework

If there is one topic on which most security practitioners agree, it is the fact that employee training must be part of your organization’s security strategy. For IT users, the field of security training is pretty mature. Many of us go through yearly mandatory training reminding us to use passwords … READ MORE

Eric Baize May 12th, 2009

The RSA Share Project: A Software Security Developer Community

This week, RSA, the Security Division of EMC, launched the RSA Share Project — an important milestone for those of us interested in advancing the adoption of security practices across the software developer community. According to the press release, the project is “designed to bring world-class security tools within reach … READ MORE

Eric Baize April 21st, 2009

“My software is secure, I use encryption!”

“My software is secure, I use encryption!” How many times have we, software security practitioners, heard this when engaging with software development teams? I certainly have, and this is typically followed by a barrage of questions to the development team that signifies that they are about to enter a tumultuous … READ MORE

Eric Baize April 17th, 2009
Click to Load More