On Mar 18, 2010, at 02:17, ljknews wrote:
Scripting languages should not be used for security-sensitive
programs.
And your evidence for this statement is?
Stephan
___
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information,
ljkn...@mac.com
To: sc-l@securecoding.org
Subject: Re: [SC-L] market for training CISSPs how to code (Matt
Parsons)
Message-ID: p05200f26c7c72f5b9...@[146.115.107.213]
Content-Type: text/plain; charset=us-ascii
At 7:27 PM +0200 3/17/10, AK wrote:
Regarding training non-developers
At 7:36 PM +0200 3/18/10, AK wrote:
Who says so, in the context of web applications?
I can see it (somewhat) from a desktop application
perspective, but how is this relevant in web apps?
Why should standards for a web application be different than
for a desktop application ?
--
Larry
I have been a programmer and a security analyst for a few years now. When
I first started developers told me I didn't know how to code good enough and
CISSP's told me I didn't have enough security experience. Has anyone had
any success training CISSP's and non programmers how to write code
Hi,
Regarding training non-developers to write secure code, what are the
circumstances that a non-developer would create code that would
*require* security? I am assuming that system administrators know the
basics of their trade and scripting language of choice so security there
is taken care of