Monday, 14 January 2008

Getting Started

« Has Online Banking become Safer than Offline Banking? | Main | The Checklist »

Software security can be hard to talk about, sometimes because people who make software are an incredibly diverse bunch. I’m not talking about globalization, I’m referring to the fact that the term “software” covers a lot of ground. Building operating systems, web sites, cell phones, and airplanes all require major software chops, and they all require an understanding of security, but they are very different undertakings.

If you’re talking to someone about the new software security initiative you just got off the ground, the result can be wild confusion before you figure out that the other person’s take on what a “software security initiative” means is completely different than your own. I like McGraw’s latest DarkReading column because it gives a nice overview of the different ways people get started.

Posted by default at 12:52 PM in Random

Responses (0)

[Trackback URL for this entry]

Your comment:

Author (*):

E-mail:

URL:

Comment (*):

Remember me?

SCode: (*)

Generate another code
SCode

Please enter the code as seen in the image above to post your comment.

Live Comment Preview:

« January »
Sun	Mon	Tue	Wed	Thu	Fri	Sat
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Recent Posts
- Back to All Posts
Meet the Bloggers
- Jacob West
- Joy Forsythe
- Yekaterina Tsipenyuk O’Neil
- Matias Madou
- Abraham Kang
- Sejal Kamani
- Sarah Cheng
- Sam Ng
- Alexander Hoole
- Jack Herrington
Categories
Fortify Resources

Software Security Resources

Products and Services
Recommended Blogs
- Justice League
- Schneier on Security
- SecurityFix
- CERIAS
- Security Curve
- 1 Raindrop
- Michael Howard's Weblog
- Computer Security
- A Passion for .NET Security
- Emergent Chaos
Subscribe

Feedburner (RSS)

Local (RSS)

Local (RSS v2.0)

Local (Atom)
About

Fortify Software
Recommended Books
- Secure Programming with Static Analysis
  by Brian Chess and Jacob West
- Security Metrics: Replacing Fear, Uncertainty, and Doubt
  by Andrew Janquith
- Building Secure Software: How to Avoid Security Problems the Right Way
  by John Viega and Gary McGraw
- IEEE Security & Privacy Magazine
- How to Break Software Security
  by J. Whittaker and H. Thompson
- Security Engineering
  by Ross Andersen
- Software Security: Building Security In
  by Gary McGraw
- The Security Development Lifecycle
  by Michael Howard and Steve Lipner
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes
  by Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan "noir" Eren, Neel Mehta, Riley Hassell
- Writing Secure Code, 2nd ed.
  by M. Howard and D. LeBlanc

Off by On

A Software Security Blog

Monday, 14 January 2008

Getting Started

Your comment:

Live Comment Preview:

Recent Posts

Meet the Bloggers

Categories

Fortify Resources

Recommended Blogs

Subscribe

About

Recommended Books