hi neil, For what it's worth, there is a list of universities with some kind of software security curriculum on page 98 of "Software Security" <http://swsec.com>. Remember, this list was created in 2006, and lots of other universities have jumped on the bandwagon since then.
* University of California at Davis * University of Virginia * Johns Hopkins University * Princeton University * Purdue University (especially the CERIAS center) * Rice University * University of California at Berkeley * Stanford University * Naval Postgraduate School (a military school for graduates) * University of Idaho * Iowa State University * George Washington University * United States Military Academy at West Point Matt Bishop made some excellent points in this thread. He and I discuss the notion of education versus training at length in Silver Bullet episode 31 <http://www.cigital.com/silverbullet/show-031/> part of which was transcribed here <http://www.cigital.com/silverbullet/shows/silverbullet-031-mbishop.pdf>. gem company www.cigital.com book www.swsec.com On 8/19/09 5:15 PM, "Neil Matatall" <nmata...@uci.edu> wrote: Inspired by the "What is the size of this list?" discussion, I decided I won't be a lurker :) A question prompted by http://michael-coates.blogspot.com/2009/04/universities-web-app-security.html </redirect?url=http%3A%2F%2Fmichael-coates%2Eblogspot%2Ecom%2F2009%2F04%2Funiversities-web-app-security%2Ehtml&urlhash=c5OA&_t=disc_detail_link> and the OWASP podcast mentions So where does secure coding belong in the curriculum? Higher Ed? High School? Undergrad? Grad? Extension? I started a discussion in the Educause group on linked in. I guess it requires authentication and possibly group membership: http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=&gid=138011&discussionID=5737656 It looks like some Universities are offering courses now... Neil _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
