hi sc-l, Software security can be tricky when it comes to requirements, mostly because customers and consumers don't explicitly demand security, rather they impicitly expect it. That's one of several points in this video podcast produced by Addison-Wesley.
Check it out: http://www.informit.com/podcasts/episode.aspx?e=4fc6bda8-c8c0-426e-b7ad-07275d636f34&rl=1 gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________