Greetings from Leuven sc-l, Our fearless leader Ken gave a nice presentation on software security methodologies yesterday at secappdev. I wonder what he says about the Touchpoints when I'm not in the room?!
The third episode of Reality Check went live this morning. The episode features a conversation with Eric Baize who runs EMC's very impressive software security initiative. EMC is an example of an initiative following their own methodology by borrowing good ideas from SDL and also the Touchpoints. Lots of good stuff about software security practicalities: http://www.cigital.com/realitycheck/show-003/ Don't forget that Reality Check is syndicated by CSO Online (it's a good way to infect upper management with software security ideas). gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
