hi sc-l, Turns out lots of different kinds of enterprises are spearheading large scale software security initiatives. VMware has an extensive software security initiative that has leveraged and evolved the EMC approach. Kris Inglis runs the product security group at VMware (what I would term their software security group). We talk about Vmware's approach in episode 8 of Reality Check:
http://www.cigital.com/realitycheck/show-008/ Reality Check is syndicated by CSO magazine. gem company www.cigital.com podcast www.cigital.com/silverbullet blog www.cigital.com/justiceleague book www.swsec.com _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________