SAFECode is a global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services. We created this blog so that we could keep you posted on new developments in software assurance and our ongoing work in this area.
Please note that the opinions expressed in this blog are those of the writer or contributor and do not necessarily reflect the opinions of SAFECode or its member companies.
(By Vishal Asthana – firstname.lastname@example.org) Most organizations either have their own central security teams or rely on external security consultants for building and rolling out AppSec programs. As a starting point, a couple of cooperative development teams are selected for a “pilot rollout”. Upon seeing successful implementation results from a subset of the pilot candidates (development teams), the security […]
On March 2nd, during the RSA Conference, SAFECode honored Steve Lipner, who stepped down as the Chairman of SAFECode in 2015 when he retired from Microsoft. First to honor Steve was Glenn Pittaway, a Senior Director at Microsoft in the area of assurance, and SAFECode Board Member. Glenn has worked closely with Steve at […]
(By Eric Baize, SAFECode Chairman and Senior Director, Product Security and Trusted Engineering for EMC Corporation) 2016 is off to a fast start for our industry and it is no different for SAFECode. It is possible that there has been no more important time than now to focus on software security assurance. Software has become so […]
Today’s post is authored by Prof. Howard A. Schmidt, SAFECode Executive Director. Today’s news of the availability of our Principles for Software Assurance Assessment is a key milestone and deliverable in SAFECode’s mission to increase trust in information and communications technology products and services through the advancement of proven software assurance methods. The key benefits […]
Steve Lipner, the man behind Microsoft’s Security Development Lifecycle, and SAFECode chairman until his retirement from Microsoft earlier this year, has just been inducted into the National Cyber Security Hall of Fame. All of the SAFECode board members have been privileged to work closely with Steve over many years and we all know firsthand that […]
Many of you may have heard about the recent debate regarding the U.S. Department of Commerce’s proposed rule to implement the Wassenaar Arrangement 2013 plenary agreement on intrusion and surveillance software (RIN 0694-AG49), as published in 80 Fed. Reg. 28853 on May 20, 2015. The SAFECode community recognizes that the proposed rule was originally meant […]
On a recent trip to Washington, DC, I had the opportunity to participate in a series of meetings with policymakers on Capitol Hill and in the Administration to discuss SAFECode’s (Software Assurance Forum for Excellence in Code) role in and commitment to improving software security. If you’re not familiar with SAFECode, I encourage you to […]
Last year at RSA, vendors, customers and security experts came together to debate the future of software security assessment. The message was clear: there is a growing frustration over the lack of a widely accepted method for assessing the security of acquired software – and not just from customers, but also from the vendors themselves. […]
Today’s post was written by Prof. Howard A. Schmidt. In last week’s State of the Union address, President Obama discussed the importance of increasing protections for both consumers and businesses from cyber threats. Though this is not the first time cybersecurity has been mentioned in a State of the Union address, its inclusion in last week’s […]
Today’s post was written by SAFECode Executive Director Howard A. Schmidt. I am pleased to officially welcome Huawei, NetApp, Sonatype and Veracode as SAFECode’s newest members. Each of these companies brings unique perspective and expertise to our efforts and we look forward to working with them. They will join current SAFECode members in collaborative work […]