Wanted to introduce another worst practice in terms of Universities vs
Enterprises that isn't about curriculum but is about knowledge of secure
coding. There are user groups such as OWASP where topics such as secure
coding are frequently discussed. These events are 100% free to attend
and are filled with professionals.

On my side of town, the professors that happen to be adjunct and have a
day job in corporations for whatever reason also are not only
introducing secure coding techniques into their material, they are
encouraging their students to attend our local Hartford OWASP chapter
(http://www.owasp.org/index.php/Hartford) Likewise, on numerous
occasions, we have reached out and extended the same invite to fulltime
professors who have neither made any effort in attending nor even
sharing with their students. 

So, when do we ask the more difficult question of whether current
professors are capable of teaching the curriculum in a manner that
enables the success for their students...
This communication, including attachments, is for the exclusive use of 
addressee and may contain proprietary, confidential and/or privileged 
information.  If you are not the intended recipient, any use, copying, 
disclosure, dissemination or distribution is strictly prohibited.  If you are 
not the intended recipient, please notify the sender immediately by return 
e-mail, delete this communication and destroy all copies.

Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.

Reply via email to