hi sc-l,

I am pleased to announce that episode 68 of the Silver Bullet Security Podcast is an interview of Cigital's own John Steven. jOHN (or jS), as he is known around here, is a well-respected technologist and software security practitioner. He served a stint editing the Building Security In column for IEEE S&P magazine along with Gunnar Peterson. He is also a very active OWASP participant. I have worked closely with jS for many years and greatly value his insight and leadership in software security.

jS and I discuss how software architecture is being pulled by financial services instead of being pushed by technology firms, why architecture risk analysis is so important (and so hard to automate), the bias that developers and security practitioners show towards security features rather than software security Touchpoints, and enterprise use of static analysis tools.

Have a listen: http://www.cigital.com/silverbullet/

As always, your feedback on Silver Bullet is welcome. This episode's victim in particular was suggested by Kevin Wall. Who do you want to hear on Silver Bullet?

gem

P.S. Can you tell December starts tomorrow? I am squeaking past the monthly deadlines with hours to spare this month!

company www.cigital.com
blog www.cigital.com/justiceleague
book www.swsec.com

_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________