[Owasp-leaders] [Owasp-washington] Request for Comment - Draft US Department of Justice Secure Coding Guidance

Rex Booth rex.booth at owasp.org
Wed Apr 6 12:05:11 EDT 2011


Exactly right.

On 4/5/2011 10:31 PM, Matt Shepherd wrote:
> This is a standard for use within the Department of Justice.  They will try to force all internal systems to be developed in accordance with whatever the final standard is.
>
> Matt Shepherd
> MindPoint Group, LLC
> Vice President, Information Security&  Privacy
> (o) 703-636-2033 ext.7013
> (c) 301-525-1936
> (f) 866-761-7457
> www.mindpointgroup.com
> http://blog.mindpointgroup.com
>
> A Woman-Owned, Minority-Owned Small Business
> "Innovative Minds, On Point, One Group"
>
>
> -----Original Message-----
> From: owasp-washington-bounces at lists.owasp.org [mailto:owasp-washington-bounces at lists.owasp.org] On Behalf Of Jeffrey Walton
> Sent: Tuesday, April 05, 2011 10:28 PM
> To: Rex Booth
> Cc: owasp-washington at lists.owasp.org; owasp-leaders at lists.owasp.org
> Subject: Re: [Owasp-washington] Request for Comment - Draft US Department of Justice Secure Coding Guidance
>
> On Tue, Apr 5, 2011 at 11:10 AM, Rex Booth<rex.booth at owasp.org>  wrote:
>> All,
>>
>> Attached for your review and comment is a new Draft Guidance document
>> for the US Department of Justice addressing Secure Coding.  The
>> document covers areas such as input validation, authentication, and parameter manipulation.
>> The intent of the document, once finalized, is to provide the
>> Department with a set of secure coding best practices for commonly
>> used programming languages.
>>
>> This is a great opportunity for OWASP to increase our name recognition
>> and assist in the development of guidance within the US Federal Sector.
>>
>> Please use the attached comment matrix to record your comments and
>> suggestions.  Please submit your completed matrices to me
>> (rex.booth at owasp.org).  The comment period will be open until 5pm EST
>> on April 12, 2011 (sorry for the quick turn-around).  Comments and
>> suggestions will be compiled by me and will be submitted to DOJ.
>>
>> Let me know if you have any questions.
> Rex - forgive my ignorance here. Are the recommendations going to be considered/used for their information systems, or for recommending/drafting legislation, or for investigating possible negligence after a data breach.
>
> Jeff
> _______________________________________________
> Owasp-washington mailing list
> Owasp-washington at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-washington
>
>
> Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
>
> _______________________________________________
> Owasp-washington mailing list
> Owasp-washington at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-washington



More information about the OWASP-Leaders mailing list