gets burned in to QA like
other problems in software development, making the team responsible for
security in reviews and testing etc. That's a big step to get to.
/Jim
- Original Message -
From: Rohit Sethi rkli...@gmail.com
Date: Tuesday, July 19, 2011 4:18 pm
Subject: Re
Kevin, that's fantastic insight. If you convert it to a blog posting I'll
add a link to it
On Thu, Jul 28, 2011 at 1:01 PM, Wall, Kevin kevin.w...@qwest.com wrote:
Rohit Sethi wrote:
Recently I sent a note about the Organic Progression of the Secure SDLC.
One
for every company it is not.
- Jim Manico
--
Rohit Sethi
SD Elements
http://www.sdelements.com
twitter: rksethi
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc
Jul 2011 15:48:50 -0400
To: 'Rohit Sethi' rkli...@gmail.com, Secure
Code Mailing List SC-L@securecoding.org
Subject: Re: [SC-L] The Organic Secure SDLC
Rohit – How is this different from BSIMM?
Thanks,
Anurag Agarwal
MyAppSecurity Inc
the wall is a point in the curve
where the effort is high.
Anyways, this is just the order that some firms seem to adopt activities
in their lifecycles. It is not a lifecycle.
Paco
--
Rohit Sethi
SD Elements
http://www.sdelements.com
twitter: rksethi
has lived through developing a secure
SDLC I'd love to hear your thoughts about the model's accuracy / relevancy.
If you know of any practical whitepapers / articles that might be of use to
somebody responsible for moving to the next in this model then please let me
know.
Cheers,
--
Rohit Sethi
this? Does §164.312(c)(2) simply boil down to
sufficient access control?
--
Rohit Sethi
SD Elements
http://www.sdelements.com
twitter: rksethi
to prescribe a remedy
And I got lots of money but it isn't what I need
Gonna take more than a shot to get this poison outta me
And I got all the symptoms, count 'em 1, 2, 3
;)
Jim Manico
On Apr 26, 2011, at 2:35 AM, Rohit Sethi rkli...@gmail.com wrote:
Hi all,
Has anyone had to deal
not
also look at joining efforts with something like the Rugged Manifesto
movement? fwiw.
On 3/11/11 1:14 PM, Rohit Sethi wrote:
Last year we released a project called the Secure Web Application
Framework Manifesto on OWASP. I'd like to announce that we're closing
it, in favor of simply working
We just put together a post primarily aimed at architects and lead
developers of web apps. Check it out:
http://labs.securitycompass.com/index.php/2011/02/10/5-key-design-decisions-that-affect-security-in-web-applications/
--
Rohit Sethi
Security Compass
http://www.securitycompass.com
twitter
--
Rohit Sethi
Security Compass
http://www.securitycompass.com
twitter: rksethi
to
solicit feedback from the security community prior to turning it into
an official project.
Here's the link to the paper:
http://labs.securitycompass.com/papers/secure-web-application-framework-manifesto-v0-05.pdf
--
Rohit Sethi
Security Compass
http://www.securitycompass.com
security community.
--
Rohit Sethi
Security Compass
http://www.securitycompass.com
morning
10:10 at Purple 310. We're bringing hard copies of the paper to
distribute at the talk, and we'd love to see you there.
Cheers,
--
Rohit Sethi
Security Compass
http://www.securitycompass.com
14 matches