hi sc-l,

Thomson Reuters participated in the BSIMM Europe study released this fall. Tom Lawton has put together a very successful software security initiative which is focused squarely on the business. We discuss Tom's SSG, and the Thomson Reuters approach to software security, in episode 11 of Reality Check:

http://www.cigital.com/realitycheck/show-011/

Of note, each of the 11 firms covered in Reality Check has a formal SSG. If you want to know more about how these real-world SSGs approach software security, simply have a listen.

Reality Check, which debuted this year, has covered an impressive list of companies from many different verticals so far: Microsoft, DTCC, EMC, Adobe, Wells Fargo, PayPal, Intuit, VMware, The Hartford, Nokia, and Thomson Reuters. CSO Magazine syndicates Reality Check.

Your feedback on the podcast is welcome.

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleage
book www.swsec.com

_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________