Friday, 6 March 2009

The Security Fig Tree

« BSIMM | Main | Fortify Java Annotations »

Gunnar Peterson just posted an insightful response to a comment on a webcast that he and I (mostly he) did on SOA a while back. Most importantly, Gunnar reiterates the point that there's a big divide between most of the set folks with software knowledge and the set with security knowledge. Technology is great, and we're learning more and more ways to leverage it to productive ends, but arming the people responsible for building secure software with the right know-how is critical.

Posted by jwest at 4:37 PM in Research

Responses (0)

[Trackback URL for this entry]

Your comment:

Author (*):

E-mail:

URL:

Comment (*):

Remember me?

SCode: (*)

Generate another code
SCode

Please enter the code as seen in the image above to post your comment.

Live Comment Preview:

« March »
Sun	Mon	Tue	Wed	Thu	Fri	Sat
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

Recent Posts
- Back to All Posts
Meet the Bloggers
- Brian Chess
- Jacob West
- Joy Forsythe
- Yekaterina Tsipenyuk O’Neil
- Matias Madou
- Abraham Kang
- Sejal Kamani
- Sarah Cheng
- Sam Ng
- Jack Herrington
Categories
Fortify Resources

Software Security Resources

Products and Services
Recommended Blogs
- Justice League
- Schneier on Security
- SecurityFix
- CERIAS
- Security Curve
- 1 Raindrop
- Michael Howard's Weblog
- Computer Security
- A Passion for .NET Security
- Emergent Chaos
Subscribe

Feedburner (RSS)

Local (RSS)

Local (RSS v2.0)

Local (Atom)
About

Fortify Software
Recommended Books
- Secure Programming with Static Analysis
  by Brian Chess and Jacob West
- Security Metrics: Replacing Fear, Uncertainty, and Doubt
  by Andrew Janquith
- Building Secure Software: How to Avoid Security Problems the Right Way
  by John Viega and Gary McGraw
- IEEE Security & Privacy Magazine
- How to Break Software Security
  by J. Whittaker and H. Thompson
- Security Engineering
  by Ross Andersen
- Software Security: Building Security In
  by Gary McGraw
- The Security Development Lifecycle
  by Michael Howard and Steve Lipner
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes
  by Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan "noir" Eren, Neel Mehta, Riley Hassell
- Writing Secure Code, 2nd ed.
  by M. Howard and D. LeBlanc

Off by On

A Software Security Blog

Friday, 6 March 2009

The Security Fig Tree

Your comment:

Live Comment Preview:

Recent Posts

Meet the Bloggers

Categories

Fortify Resources

Recommended Blogs

Subscribe

About

Recommended Books