Secure Coding mailing list archives
BSIMM update (informIT)
From: coley at linus.mitre.org (Steven M. Christey)
Date: Thu, 28 Jan 2010 21:04:31 -0500 (EST)
Speaking of "top 25 tea leaves," the "bug parade boogeyman" just called and reminded me that the 2010 Top 25 is due to be released next Thursday, February 4. Thanks for the plug. A preview of some of the brand-new features: 1) Data-driven ranking with alternate metrics to feed the brain and stimulate wider discussion - featuring special guest star Elizabeth Nichols 2) Multiple focus profiles to avoid one-size-fits-all 3) Cross-cutting mitigations that expand far beyond the Top 25 - AND show which mitigations address which Top 25's 4) References to resources such as BSIMM (and even that controversial bad-boy ESAPI) to get people thinking even more about systematic software security ... and a few more tidbits. This particular Cargo-Culting pseudoscientist has dutifully listened to his fellow islanders. This year we've made shiny new airstrips and control towers, and apparently we've already started some fires. The planes will TOTALLY come back! Or maybe I'm just feeling a little whimsical. - Steve P.S. I can't wait until software security becomes an actual science, because as we all know, scientists are much too rational to ever indulge in self-destructive infighting and name-calling that hinders opportunities for progress in their field.
Current thread:
- BSIMM update (informIT) Gary McGraw (Jan 28)
- BSIMM update (informIT) Steven M. Christey (Jan 28)
- BSIMM update (informIT) Kenneth Van Wyk (Feb 03)
- BSIMM update (informIT) McGovern, James F. (eBusiness) (Feb 04)
- BSIMM update (informIT) Brian Chess (Feb 04)
- BSIMM update (informIT) Gary McGraw (Feb 04)
- BSIMM update (informIT) McGovern, James F. (eBusiness) (Feb 04)
- BSIMM update (informIT) McGovern, James F. (eBusiness) (Feb 04)
- <Possible follow-ups>
- BSIMM update (informIT) Wall, Kevin (Feb 02)
- BSIMM update (informIT) Steven M. Christey (Feb 02)
- BSIMM update (informIT) Gary McGraw (Feb 03)
- BSIMM update (informIT) Mike Boberski (Feb 03)
- BSIMM update (informIT) Steven M. Christey (Feb 03)
- BSIMM update (informIT) Steven M. Christey (Feb 02)