Hi list, Security Compass is pleased to announce the launch of SecCom Labs at http://labs.securitycompass.com - our site dedicated to free security resources for software developers.
The first major contribution is a security analysis of the Core J2EE Patterns. We reviewed every pattern and outlined common security pitfalls and positive security practices based on our experience. Our hope is that by analying security at the pattern level, we can help spur secure software at the design phase. We'd really appreciate your feedback! We'll be presenting the paper at the RSA conference tomorrow morning 10:10 at Purple 310. We're bringing hard copies of the paper to distribute at the talk, and we'd love to see you there. Cheers, -- Rohit Sethi Security Compass http://www.securitycompass.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________