[Owasp-singapore] [Fwd: [Owasp-leaders] Latest SAFECode Best Practice Document References to OWASP]

Wong Onn Chee ocwong at usa.net
Thu Oct 9 22:14:02 EDT 2008


-------- Original Message --------
Subject: 	[Owasp-leaders] Latest SAFECode Best Practice Document
References to OWASP
Date: 	Thu, 9 Oct 2008 13:42:40 -0400
From: 	Marco Morana <marco.m.morana at gmail.com>
To: 	owasp-leaders at lists.owasp.org


Just wanted to bring to the leaders attention that OWASP T10, OWASP
PHP Anti XSS library, OWASP pages on Canonicalization, Local, Unicode,
OWASP pages on Code Review for Logging issues and OWASP pages on Error
Handling and Logging have been referenced in the most recent SAFECode
guide for the most effective secure development best practices (*)

OWASP rule!


Marco Morana

(*) The Software Assurance Forum for Excellence in Code (SAFECode)
today released "Fundamental Practices for Secure Software Development:
A Guide to the Most Effective Secure Development Practices in Use
Today." Based on an analysis of the individual software assurance
efforts of SAFECode members, the paper outlines a core set of secure
development practices that can be applied across diverse development
environments to improve software security.

"SAFECode has brought together some of the most experienced software
assurance professionals in the industry to move us beyond theoretical
best practices to identify the secure development methods that have
proven to be both effective and implementable even when different
product requirements and development methodologies are considered,"
said Paul Kurtz, executive director of SAFECode.  "We have documented
and released these secure development practices in an effort to help
others in the industry initiate or improve their own software
assurance programs and encourage the industry-wide adoption of the
secure development methods outlined in this paper."

To view a full copy of the paper, please download
There is no charge for this and all SAFECode products.

To view todays press release, please visit the news section at www.safecode.org

About SAFECode
The Software Assurance Forum for Excellence in Code (SAFECode) is a
non-profit organization exclusively dedicated to increasing trust in
information and communications technology products and services
through the advancement of effective software assurance methods.
SAFECode is a global, industry-led effort to identify and promote best
practices for developing and delivering more secure and reliable
software, hardware and services.  Its members include EMC Corporation,
Juniper Networks, Inc., Microsoft Corp., Nokia, SAP AG and Symantec
Corp. For more information, please visit www.safecode.org.

Did someone forward this to you?  To subscribe to receive future
SAFECode News, please visit www.safecode.org.

To unsubscribe to future SAFECode News, please use this link:

Don't miss future communications from SAFECode. Add news at SAFECode.org
to your address book to prevent these messages from getting filtered.

SAFECode * 2101 Wilson Boulevard, Suite 1000 * Arlington, VA 22201
*(p) + 1 703.812.9199 *(f) + 1 703.812.9350 * inquiries at safecode.org
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org

More information about the Owasp-singapore mailing list