Hi all, The seventh and eighth articles in my IEEE Security & Privacy magazine series called "Building Security In" are on Knowledge Management for software security and building a Software Security program. These were co-authored with Sean Barnum and Dan Taylor of Cigital. As a service to the community, we're making advance copies available here:
http://www.cigital.com/papers/download/bsi7-knowledge.pdf http://www.cigital.com/papers/download/bsi8-program.pdf I am sure many of you already subscribe to S&P. If you don't yet, you should...check out http://www.computer.org/security/. gem Previous articles in the series: http://www.cigital.com/papers/download/bsi6-pentest.pdf http://www.cigital.com/papers/download/bsi5-static.pdf http://www.cigital.com/papers/download/misuse-bp.pdf http://www.cigital.com/papers/download/risk-analysis.pdf http://www.cigital.com/papers/download/j2oth-qxd.pdf http://www.cigital.com/papers/download/software-security-gem.pdf ---------------------------------------------------------------------------- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. ----------------------------------------------------------------------------
