Re: [SC-L] SearchSecurity: Dynamism

nice one, Gary. Finally something positive about agile and DevOps. A trick that you may have missed is immutable servers, see Docker and friends. They will be a leap forward for server security when they hit the mainstream. ___ Secure Coding mailing list

[SC-L] security in open source components

? Or can anyone allay my fears? kr, Yo -- Johan Peeters http://johanpeeters.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http

Re: [SC-L] Application Security Debt and Application Interest Rates

. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates ___ -- Johan Peeters http://johanpeeters.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information

[SC-L] discounts for SecAppDev for independents and start-ups

, but do not hesitate to contact me if you have further questions. I hope to see you soon. Yo -- Johan Peeters Program Director http://secappdev.org ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http

[SC-L] SecAppDev 2011

. Registration is on a first-come, first-served basis. A 25% Early Bird discount is available until December 31. Public servants receive a 50% discount. Kind regards, Yo -- Johan Peeters Program Director http://secappdev.org ___ Secure Coding mailing list (SC-L) SC

[SC-L] Announcement SecAppDev 2010

is on a first-come, first-served basis. A 25% Early Bird discount is available until January 15th. Public servants receive a 50% discount. Best Wishes for 2010, Yo -- Johan Peeters Program Director http://secappdev.org ___ Secure Coding mailing list (SC-L) SC-L

Re: [SC-L] Provably correct microkernel (seL4)

Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ -- Johan Peeters http://johanpeeters.com ___ Secure Coding mailing list (SC-L) SC-L

Re: [SC-L] Provably correct microkernel (seL4)

kernel and hence a security chokepoint. The other stuff running on top do not need the same level of assurance. kr, Yo -- Johan Peeters http://johanpeeters.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions

Re: [SC-L] Some Interesting Topics arising from the SANS/CWE Top 25

, if it has a rating' :-) Before setting to work on your example, Florian, I would rephrase it as 'the date of entry of the shipment address must not be after the date of entry of credit card details'. I would then consider this an input validation problem. kr, Yo -- Johan Peeters http

Re: [SC-L] quick question - SXSW

://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ -- Johan Peeters http://johanpeeters.com

[SC-L] secappdev 2008

disappointment. kr, Yo -- Johan Peeters http://secappdev.org http://johanpeeters.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available

Re: [SC-L] Mainframe Security

ljknews [EMAIL PROTECTED] wrote: At 9:16 PM +0100 11/1/07, Johan Peeters wrote: I think this could do a great service to the community. Recently I was hired by a major financial institution as a lead developer. They said they needed me for some Java applications, but it turns out

Re: [SC-L] Mainframe Security

(http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ -- Johan Peeters http://johanpeeters.com ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List

Re: [SC-L] Software Security Training for Developers

point, at what management level was it loudly supported? Thanks for your insights, Hollis At 11:51 AM 8/19/2007, Johan Peeters wrote: From my experience with secappdev.org (http://secappdev.org), a not-for-profit organization set up to create security awareness and improve skills

Re: [SC-L] Software Security Training for Developers

and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ -- Johan Peeters http://johanpeeters.com ___ Secure Coding mailing list

Re: [SC-L] Ajax one panel

/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php -- Johan Peeters program director http://www.secappdev.org +32 16 649000 ___ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information

Re: [SC-L] Ajax one panel

, language arcana! gem -Original Message- From: Johan Peeters [mailto:[EMAIL PROTECTED] Sent: Sun May 21 09:08:14 2006 To: John Steven Cc: Gary McGraw; Mailing List, Secure Coding; SSG Subject:Re: [SC-L] Ajax one panel We may be at cross purposes. I understand your concern

Re: [SC-L] Information Security Considerations for Use Case Modeling

stories. I have proposed to also extend user stories to abuser stories (http://www.johanpeeters.com/papers/abuser stories.pdf). kr, Yo Gunnar Peterson wrote: I have published a new paper on integrating security into Use Case Modeling: http://www.arctecgroup.net/secusecase.htm -gp -- Johan