Uncategorized

*First published Nov. 14. 2017 in TechTarget’s SearchSecurity
By Steve Lipner, Executive Director, SAFECode

Every year, hundreds of thousands of software developers join the workforce without a basic knowledge of security. The burden of educating and training developers on software security is left to the development organizations that hire them.

READ MORE

*First published Oct. 16, 2017 in CSOonline
By Steve Lipner, Executive Director, SAFECode

Focusing on culture might be the most important thing an organization can do when developing secure software. One of the toughest technical challenges in software security isn’t even technical. It’s cultural. Developers are responsible for making the code secure but, in many cases, have not lived up to their responsibility.

READ MORE

By Eric Baize, Chairman, SAFECode Software security is less and less about technology and more and more about culture. I would contend that today, for the most part, we know what it takes to build secure software.  What we are struggling with is how to make secure software a reality on a large scale.  This […]

READ MORE

By Carol Clark, Director of Marketing, SAFECode Eric Baize believes culture is an essential part of human society. But the SAFECode Chairman and Vice President, Product Security at Dell EMC is not talking about poetry or opera. Instead, Baize will be representing SAFECode and discussing culture as it relates to software development. During his keynote […]

READ MORE

During a wide-ranging interview on a recent episode of “Security Weekly” – a security podcast hosted by Paul Asadoorian – SAFECode’s Steve Lipner discussed how organizations and developers can take advantage of SAFECode’s new threat modeling and third party component best practices white papers. Here are some of Steve’s insights from the discussion. To hear […]

READ MORE

Izar Tarandach & Brook S.E. Schoenfield A couple of years ago I was engaging a new team into our Secure Development Life cycle (SDL) process. One of the initial activities is Threat Modeling, and in discussion with a product architect, I was asked, “We have a working design here, and now you want to come […]

READ MORE

By Eric Baize, Chairman of the Board, SAFECode   SAFECode members crowded into Jillian’s directly across from the Moscone Center in San Francisco on February 15, 2017 for SAFECode’s Second Annual RSA Conference Breakfast.  Seventeen SAFECode members were honored with recognition awards for their work at the event on four white papers that are currently […]

READ MORE

Recent security incidents exploiting weaknesses in Internet of Things (IoT) devices have demonstrated that software assurance is no longer just an issue for traditional information technology suppliers and end user organizations. Here’s why: Recent attacks have shown that connected devices can be exploited to launch large scale attacks Connected Internet-of-Things (IoT) devices cannot hide their […]

READ MORE

All of us at SAFECode are looking forward to working with our new Executive Director Steve Lipner, appointed December 1, 2016. While all of the SAFECode board members have been privileged to work closely with Steve over many years, we thought you’d enjoy learning more about him. We took a moment to ask Steve a […]

READ MORE

Five SAFECode board members visited Washington DC earlier this month and met with representatives of the US Federal government interested in cybersecurity. With the growing awareness amongst policy makers of the importance of software security assurance and its critical role in cybersecurity, it is important to further educate policy makers on this complex issue and […]

READ MORE

Software Assurance Forum for Excellence in Code (SAFECode) - All Rights Reserved

Share
Share