Re: [SC-L] SearchSecurity: Dynamism

2015-08-30 Thread Alfonso De Gregorio
On Thu, Aug 20, 2015 at 8:20 PM, Johan Peeters y...@johanpeeters.com wrote:
> nice one, Gary. Finally something positive about agile and DevOps. A
> trick that you may have missed is immutable servers, see Docker and
> friends. They will be a leap forward for server security when they hit
> the mainstream.

Immutable servers are nice -- let's deploy them. Yet, in an execution
environment where code is data and data is code, high assurance
software will also require control-flow integrity in the face of
malicious input. Or, what we would be left with are weird machines
instantiated from disposable images.

-- Alfonso
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
___


Re: [SC-L] SearchSecurity: Dynamism

2015-08-28 Thread Johan Peeters
nice one, Gary. Finally something positive about agile and DevOps. A
trick that you may have missed is immutable servers, see Docker and
friends. They will be a leap forward for server security when they hit
the mainstream.


[SC-L] SearchSecurity: Dynamism

2015-08-20 Thread Gary McGraw
hi sc-l,

What is the relationship between dynamic languages and dynamic methodologies?  
What is the impact on software security?

This article provides a gentle introduction: http://bit.ly/gem-dynamic

Feedback welcome.  Pass it on.

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com

