Hi sc-lers, At s3con this week I gave a keynote about the state of the practice in software security. Some of what I said is captured in my darkreading column this month:
http://www.darkreading.com/document.asp?doc_id=122253&WT.svl=column1_1 There are a couple of things worth noting. First of all, the article has some numbers in it that show how the market is growing. I believe we attained a $200-275 million level in 2006. Things look like they are continuing to grow as well. Second, this article discusses a few ways for a corporation to get started with software security, from the kinds of full blown initiatives that we recommend at Cigital to easier baby steps with badness-ometers like SPI Dynamics and Watchfire. Please do what you can to spread the word about this article so that people outside of our specialty get a feeling for what is happening. Software security is growing, and the growth is strong and consistent. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________