Simple. Owasp esapi + owasp appsensor + honeypot = win Sent from my iPwn
On Sep 2, 2011, at 10:44 AM, "Goertzel, Karen [USA]" <goertzel_ka...@bah.com> wrote: > What we need is to start building software that can fight back. Then we could > become part of "cyber warfare" which is much sexier than "software > assurance". :) > > === > Karen Mercedes Goertzel, CISSP > Booz Allen Hamilton > 703.698.7454 > goertzel_ka...@bah.com > > Sorry, you have reached an imaginary number. > If you require a real number, please rotate > your phone by ninety degrees and try again. > From: sc-l-boun...@securecoding.org [sc-l-boun...@securecoding.org] on behalf > of Rafal [ra...@ishackingyou.com] > Sent: 01 September 2011 22:59 > To: co...@linus.mitre.org; shad...@gmail.com > Cc: a...@homeport.org; sc-l@securecoding.org > Subject: Re: [SC-L] informIT: Building versus Breaking > > Steve, > I think that the problem we have here is classic - defense isnta sexy. I > think you could get DHS to sponsor one maybe? I think between some government > funds, and some vendor support you'd be OK on costs, but the larger question > of whether people would come... only time would tell. > > > > > Rafal Los - Security & Intelligence | Voice/Text: (765) 247-2325 | Twitter: > @RafalLos > > "Steven M. Christey" <co...@linus.mitre.org> wrote: > > While I'd like to see Black Hat add some more defensive-minded tracks, I > just realized that this desire might a symptom of a larger problem: there > aren't really any large-scale conferences dedicated to defense / software > assurance. (The OWASP conferences are heavily web-focused; Dept. of > Homeland Security has its software assurance forum and working groups, but > those are relatively small.) > > If somebody built it, would anybody come? > > - Steve > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________ > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
