Upon reading this, I had several thoughts come to mind: 1. If we are to truly solve the last mile, we need to also choose more mainstream conferences such as STPCon (http://www.stpcon.com) since they also have an associated magazine (Software Test and Performance) which may stimulate more magazine articles on the topic. I did a quick run upstairs to our QA folks and asked them what magazines do they read as well as awareness of certain conferences.
2. What do you think we can do as a unified group of individuals in terms of a listserv to encourage various industry analyst firms such as Gartner, Forrester and The Burton Group to talk about Secure Software Testing as a research area? Many CIOs and other IT executives put lots of value into what they say. We need more top down. 3. What would it take to get more speaker diversity? We have to figure out how to get more end-customers telling their own stories vs vendors and consulting firms -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paco Hope Sent: Thursday, August 16, 2007 1:41 PM To: Secure Coding Subject: [SC-L] Security Testing track: Software Testing Conference:Washington DC Hey folks, One of my strong beliefs is that we're never going to close the loop on "Building Security In" until we get the QA side of the house involved in security. To that end, I'm co-chairing VERIFY 2007, a software testing conference where we have a security testing track. (In addition to more typical QA issues like test automation) I thought some folks on this list may be interested in attending, or passing it on to your colleagues in QA organizations. Conference web site is http://verifyconference.com/ and you can get a 2-page "Conference in a Nutshell" PDF here: http://verifyconference.com/images/verify/verify2007.pdf Please help me spread the word. Thanks, Paco -- Paco Hope, CISSP Co-Chair, VERIFY 2007 http://verifyconference.com/ * +1.703.606.1905 ************************************************************************* This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. ************************************************************************* _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________