Re: [SC-L] Where Does Secure Coding Belong In the Curriculum?

2009-08-26 Thread Pravir Chandra
to the software security community. ___ -- ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP:CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4

Re: [SC-L] Functional Correctness

2009-08-25 Thread Pravir Chandra
it means :D CJC -- ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP:CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4

Re: [SC-L] Static Vs. Binary

2009-07-30 Thread Pravir Chandra
. ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP:CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4 ~ ~~ ~~~ ~ ~ ~ -Original Message- From: John Steven jste...@cigital.com Date: Thu, 30 Jul 2009 17:20:52 To: Secure CodingSC

[SC-L] SAMM helps with real software development

2009-04-30 Thread Pravir Chandra
The Real Software blog by Jim Bird has a good post about how his software security assurance program has evolved over time, and now, SAMM is helping out. http://swreflections.blogspot.com/2009/04/opensamm-shows-way.html p. -- ~ ~ ~ ~~~ ~~ ~ Pravir

Re: [SC-L] SAMM 1.0 Released! | OpenSAMM

2009-03-25 Thread Pravir Chandra
to the software security community. ___ -- ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP:CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4

Re: [SC-L] BSIMM: Confessions of a Software SecurityAlchemist(informIT)

2009-03-20 Thread Pravir Chandra
to be that for just about every software security problem we've dealt, I could give you a design/spec level solution that would prevent it in general (and make auditing and so forth incredibly streamlined). p. ~ ~ ~ ~~~ ~~ ~ Pravir Chandra

Re: [SC-L] Positive impact of an SSG

2009-03-11 Thread Pravir Chandra
agree that affording 'someone in charge of success' doesn't equate to a dedicated SSG. There's a myriad of ways that can be accomplished in any organizational structure. Thanks! p. ~ ~ ~ ~~~ ~~ ~ Pravir Chandra

Re: [SC-L] Positive impact of an SSG

2009-03-11 Thread Pravir Chandra
outside help. p. ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP:CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4 ~ ~~ ~~~ ~ ~ ~ -Original Message- From: Benjamin

Re: [SC-L] Positive impact of an SSG

2009-03-11 Thread Pravir Chandra
and should aren't relevant. We asked What *are* you doing now? and documented it so others could learn from it. --Sammy. -Original Message- From: Pravir Chandra [mailto:chan...@list.org] Sent: Wednesday, March 11, 2009 4:00 AM To: Sammy Migues; sc-l-boun...@securecoding.org; sc-l

Re: [SC-L] Positive impact of an SSG

2009-03-10 Thread Pravir Chandra
. ___ -- ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP:CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4 ~ ~~ ~~~ ~ ~ ~ ___ Secure Coding mailing list (SC-L) SC-L

Re: [SC-L] SANS Institute - CWE/SANS TOP 25 Most Dangerous Programming Errors

2009-01-15 Thread Pravir Chandra
positive so far. I encourage anyone with data, ideas, or motivation to ping me and get involved. p. -- ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP:CE60 0E10 9207 7290 06EB 5107 4032 63FC 338E 16E4

Re: [SC-L] top 10 software security surprises

2008-12-16 Thread Pravir Chandra
by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. ___ -- ~ ~ ~ ~~~ ~~ ~ Pravir Chandra chandraatlistdotorg PGP