[Owasp-leaders] FW: [SC-L] Silver Bullet: McGovern interviews McGraw

McGovern, James F (HTSC, IT) James.McGovern at thehartford.com
Thu Mar 19 09:49:34 EDT 2009

 Gary's opinion on OWASP is fascinating...

-----Original Message-----
From: sc-l-bounces at securecoding.org
[mailto:sc-l-bounces at securecoding.org] On Behalf Of Gary McGraw
Sent: Wednesday, March 18, 2009 5:27 PM
To: Secure Code Mailing List
Cc: James McGovern; Jenny Stout
Subject: [SC-L] Silver Bullet: McGovern interviews McGraw

hi sc-l,

For the third anniversary (!) edition of Silver Bullet, that is episode
36, we do something different. James McGovern, OWASP maven, and
Enterprise Architect for The Hartford Financial Services Group,
interviews me.  You may recall that James responded to the OWASP podcast
posting here with a set of questions he would have asked.  Well, that got
me thinking, and here you have it.  James in charge.

We talk about many aspects of software security, including:

 *   BSIMM
 *   the UML cloud of utter nonsense
 *   outsourced/offshore software and security
 *   a geographic analysis of software security maturity
 *   the analysts (Gartner/Forrester)
 *   whether the IDE will take over source code analysis
 *   RATS and ITS4
 *   OWASP, SANS, education, and web app myopia
 *   Microsoft
 *   Metrics for software security
 *   why PCI is utterly useless


As always, your feedback on the podcast is welcome.

