Free Outsourcing Software Security Webcast

["Mark Curphey" <mark () curphey com>]

Shameless self-promotion ;-)

http://www.foundstone.com/resources/webcasts.htm
 
Title: Trust but Verify: How to Manage Risk in Outsourced Applications
Date: November 18th
Time: 8:00 EST 
Speakers: Mark Curphey of Foundstone and Jack Danahy of Ounce Labs 

Organizations are outsourcing application development more than ever before,
with $48 billion in projects annually expected by 2007. Very few of those
projects have adequately managed the security risks involved in developing
critical applications out-of-house, largely because they lack the ability to
measure the results effectively. The right planning, tools, and contract
requirements, combined with reliable metrics on which to base acceptance
criteria, can reduce those risks dramatically. 
 
This presentation will describe suggested methods for developing an
outsourcer report card to: 
 
1) Ensure proper security programs are in place
2) Most effectively analyze outsourced applications
3) Use that data to measure the security state of the delivered code
4) Develop baseline metrics to use as security acceptance criteria

Kind regards,

Mark