http://www.networkworld.com/news/2010/020810-rugged-manifesto-secure-coding.html By Tim Greene Network World February 08, 2010 Three respected security professionals have issued a call for developers to learn and practice secure programming in an effort to reduce the number of exploits directed at applications. Called the Rugged Manifesto, the document encourages developers to adopt characteristics that will lead them to write more secure applications. The three authors of the manifesto are Josh Corman, an analyst with The 451 Group; David Rice, formerly with the National Security Agency and author of Geekonomics, a book about the real cost of insecure software; and Jeff Williams, the chairman of OWASP, an organization focused on Web application security. The trio announced the project at the SANS Institure AppSec Conferenc in San Francisco Monday. The problem now, Corman says, is that developers write code assuming the only task is to make it perform a function. But that can lead to programs riddled with vulnerabilities that can in turn lead to economic damages, lost data and lost productivity. "We have to get to the mass of programmers who simply don't realize their code is being attacked and subverted by talented and persistent adversaries," he says. The three are trying to motivate developers to aspire to rugged ideals and to learn how their code can be more secure. It's a philosophy or value set accompanied by business cases showing why it makes economic sense to write rugged software rather than dealing later with the consequences of vulnerable software. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Wed Feb 10 2010 - 05:06:39 PST
This archive was generated by hypermail 2.2.0 : Wed Feb 10 2010 - 05:10:50 PST