al Message-
From: Kenneth Van Wyk [mailto:[EMAIL PROTECTED]
Sent: Tue Mar 13 12:23:16 2007
To: Secure Coding
Subject: Re: [SC-L] Information Protection Policies
On Mar 9, 2007, at 5:27 PM, McGovern, James F ((HTSC, IT)) wrote:
> Ken, in terms of a previous response to your postin
On Mar 9, 2007, at 5:27 PM, McGovern, James F ((HTSC, IT)) wrote:
Ken, in terms of a previous response to your posting in terms of
getting customers to ask for secure coding practices from vendors,
wouldn't it start with figuring out how they could simply cut-and-
paste InfoSec policies into
On a slightly tangential note, and apologies if this was mentioned on this
list previously, OWASP has some guidelines on how consumers can write up
contracts with their vendors related to secure software:
http://www.owasp.org/index.php/OWASP_Secure_Software_Contract_Annex
- Steve
___
Ken, in terms of a previous response to your posting in terms of getting
customers to ask for secure coding practices from vendors, wouldn't it start
with figuring out how they could simply cut-and-paste InfoSec policies into
their own?
-Original Message-
From: [EMAIL PROTECTED]
[mailto