[Owasp-leaders] WSJ: Software Security

Jim Manico jim.manico at aspectsecurity.com
Thu Mar 5 13:26:45 EST 2009


> Would be cool if OWASP Bloggers provided their commentary... 

BSI looks VERY high level doc to help a large org "plan a software security initiative". Stuff like:
 
Ensure host and network security basics are in place. The organization provides a solid foundation for software by ensuring that host and network security basics are in place. It is common for operations security teams to be responsible for duties such as patching operating systems and maintaining firewalls.
 
Not a lot of gritty detail. 
 
I know that this and http://www.owasp.org/index.php/ASVS  try to solve different problems, but ASVS seems to scratch the itch much more than BSI.
 
This is just my initial reaction. I'm interviewing Chess over this next week and will approach the interview with an open mind.
-- 
Jim Manico, Senior Application Security Engineer
jim.manico at aspectsecurity.com
(301) 604-4882 (work)
(808) 652-3805 (cell)

Aspect Security(tm)
Securing your applications at the source
http://www.aspectsecurity.com

________________________________

From: owasp-leaders-bounces at lists.owasp.org on behalf of McGovern, James F (HTSC, IT)
Sent: Thu 3/5/2009 4:42 AM
To: owasp-leaders at lists.owasp.org
Subject: [Owasp-leaders] WSJ: Software Security



http://blogs.wsj.com/digits/2009/03/04/new-effort-hopes-to-improve-software-security/ <http://blogs.wsj.com/digits/2009/03/04/new-effort-hopes-to-improve-software-security/>  

Would be cool if OWASP Bloggers provided their commentary... 

************************************************************
This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information.  If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited.  If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.
************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090305/d5f1c355/attachment.html 


More information about the OWASP-Leaders mailing list