November 20th and 21st many of your SC-L peers will be in attendance of
AppSecUSA presented by OWASP Foundation. This is a time to reconnect
face-to-face with your peers from around the world.
http://appsecusa.org/2013/speakers/
* Participate in one of the many activities planned including op
So all it takes to call code "secure" is to apply sufficient quantities of
bandaids, bubblegum and barbed wire? Job security yes, secure coding NO.
Just my opinion, but I think we need to hold to a much higher standard.
On Mon, Sep 23, 2013 at 6:08 AM, Goertzel, Karen [USA] <
goertzel_ka...
On the other hand, isn't it somewhat analagous to hiring 24/7 armed security
guards and installing a state of the art physical security system in a museum,
and passing and enforcing strict laws against grand larceny?
The "secure coding" alternative would be for museums to stop displaying
pricel
I agree that ONE end goal of software security is to safeguard data - but it is
not the only goal...and may not even be the primary goal, depending on the type
of system the software is part of. In a safety-critical system, "safeguard the
data" takes on a very different meaning from what one thi