[SAMM] SAFECode Seeks Comment on Secure Development Practices

[Stacy Simpson]

All,

I wanted to let you know that the Software Assurance Forum for Excellence in
Code (SAFECode) will be accepting comments on its paper, "Fundamental
Practices for Secure Software Development: A Guide to the Most Effective
Secure Development Practices in Use Today," through the end of July.

As background, SAFECode originally released this paper in October 2008.  It
outlines a core set of secure development practices that can be applied
across diverse development environments to improve software security and is
based on an analysis of the individual software assurance efforts of
SAFECode members.
 
The brief paper describes each identified security practice across the
software development lifecycle ­ Requirements, Design, Programming, Testing,
Code Handling and Documentation ­ and offers implementation advice based on
the experiences of SAFECode members.

SAFECode will be releasing an updated version of the paper in late 2009, and
in an effort to make the paper¹s recommendations as useful and relevant as
possible, we are offering experts outside of our membership an opportunity
to provide input into the paper¹s next version. If you would like to review
the paper and/or submit comments, please visit:
http://www.safecode.org/feedback.php

We will be accepting comments until July 31, 2009.

Thanks,
Stacy Simpson
SAFECode
stacy at safecode.org
+1 703-812-9199