On Mar 9, 2007, at 5:27 PM, McGovern, James F ((HTSC, IT)) wrote:
Ken, in terms of a previous response to your posting in terms of
getting customers to ask for secure coding practices from vendors,
wouldn't it start with figuring out how they could simply cut-and-
paste InfoSec policies into
-
From: Kenneth Van Wyk [mailto:[EMAIL PROTECTED]
Sent: Tue Mar 13 12:23:16 2007
To: Secure Coding
Subject:Re: [SC-L] Information Protection Policies
On Mar 9, 2007, at 5:27 PM, McGovern, James F ((HTSC, IT)) wrote:
Ken, in terms of a previous response to your posting in terms
On a slightly tangential note, and apologies if this was mentioned on this
list previously, OWASP has some guidelines on how consumers can write up
contracts with their vendors related to secure software:
http://www.owasp.org/index.php/OWASP_Secure_Software_Contract_Annex
- Steve
]
[mailto:[EMAIL PROTECTED] Behalf Of McGovern, James F
(HTSC, IT)
Sent: Thursday, March 08, 2007 11:17 AM
To: SC-L@securecoding.org
Subject: [SC-L] Information Protection Policies
Hopefully lots of the consultants on this list have been wildly successful in
getting Fortune enterprises to embrace secure
Hopefully lots of the consultants on this list have been wildly successful in
getting Fortune enterprises to embrace secure coding practices. I am curious to
learn of those who have also been successful in getting these same Fortune
enterprises to incorporate the notion of secure coding