I read a news article about SANS & Partners Secure Coding Assessment and Certification Exams for Programmers.
http://www.securityfocus.com/news/11454 This webpage gives a lot of details about it, who is doing this, and how they score, etc: http://www.sans-ssi.org/ I copied and paste the Project Goals from that site: * Allow employers to rate their programmers on security skills so they can be confident that every project has at least one "security master" and all of their programmers understand the common errors and how to avoid them. * Provide a means for buyers of software and systems vendors to measure the secure programming skills of the people who work for the supplier. * Allow programmers to identify their gaps in secure programming knowledge in the language they use and target education to fill those gaps. * Allow employers to evaluate job candidates and potential consultants on their secure programming skills and knowledge. * Provide incentive for universities to include secure coding in required computer science, engineering, and programming courses. * Provide reporting to allow individuals and organizations to compare their skills against others in their industry, with similar education or experience or in similar regions around the world. Sounds interesting ... Jeremy C. Reed _______________________________________________ BSDCert mailing list [email protected] http://lists.nycbug.org/mailman/listinfo/bsdcert
