-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Crispin Cowan wrote:
>
>> This is particularly interesting to me because I just had a doctoral
>> student come to me with an idea for dissertation research that
>> included an hypothesis that organizations at SEI 1 were better able to
>> estimate so
Thanks for the feedback and link (as well as to those who have replied off
line). Note, I did not intend that the 5 tools I listed were exhaustive, just
trying to get an idea what works in the field and wanted to get the ball
rolling. Any other candidates out there? Flawfinder, anyone?
-gp
Quoti
You seem to be leaving out one of the largest open efforts at security. ISECOM
at
http://www.isecom.org covers
security testing, secure coding, incident response and other security related
topics.
-Original Message-
From: Gunnar Peterson
Date: 4/19/05 6:32 am
To: Secure Coding Mailing
I was thinking about something that Dave Winer said on the Gillmor Gang
about how the software industry moves forward when small groups (like 1
or 2) of developers get motivated to solve a problem. I was wondering
how this applies to software security, since it seems like a perfect
description for