Well, one of the objectives of employing secure coding practices is just that -
to raise the cost and complexity of exploiting bugs.
Cheers,
Prasad
> On Sep 20, 2013, at 7:47 PM, "Bobby G. Miller" wrote:
>
> I was just listening to a podcast interviewing a security executive from a
> promine
Gary,
Great article and since you used attacks and categories in the same :)
sentence I am tempted to ask if you looked at WASC Threat
Classification project?
On Tuesday, August 25, 2009, Steven M. Christey wrote:
>
> Gary,
>
> You said in the article:
>
>>The next category of attacks to expect a
Wow indeed. Does that makes IBM the only vendor to offer both Static
and Dynamic software security testing/analysis capabilities?
Thanks & Regards,
Prasad N. Shenoy
On Tue, Jul 28, 2009 at 10:19 AM, Kenneth Van Wyk wrote:
> Wow, big acquisition news in the static code analysis space announced tod
> anyone wishes to collaborate on this guide.
>
> - Jim
>
>
> ----- Original Message - From: "Prasad Shenoy"
> To:
> Sent: Friday, June 19, 2009 10:18 AM
> Subject: [SC-L] Security Architecture Cheat Sheet - Lenny Zeltser
>
>
>> Lenny Zeltser
,
Prasad Shenoy
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by
Great idea but why would you say CISSP is meaningless or MCSE is
meaningless? Certifications are like technology. They have a place where
they fit. CISSP became so popular and prolific because of the vast field of
coverage (10 domains) that a certified practitioner had to study,
understand, relate