Recently I sent a note about the Organic Progression of the Secure SDLC. One of the major points that we raise in that model is the difficulty with "Climbing the Wall": Getting the lines of business to commit resource to application/software security. This is one of the most fundamental challenges in building a secure SDLC.
We offer some simple high level thoughts and a PPT deck you can use here: http://www.sdelements.com/secure-sdlc/software-security-throughout-life-cycle-9-steps/how-climb-wall/ I'm curious to see what others have have done / seen to climb the wall effectively -- Rohit Sethi SD Elements http://www.sdelements.com twitter: rksethi
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________