AppSecEU08 Software Security State of the Practice 2008

Revision as of 02:53, 5 April 2008 by Sdeleersnyder



Using the framework described in my book “Software Security: Building Security In”---built around the three pillars of software security: risk management, the touchpoints, and knowledge---I will discuss and describe the state of the practice. This talk is peppered with real data from the field, based on my work with several large financial services companies as a Cigital consultant. Really, the software security field is just getting started, but we are making important forward progress, and the future looks bright.

More information: