Partager via


Introducing SAFECode

Today SAFECode, the Software Assurance Forum for Excellence in Code, introduced its first white paper, "Software Assurance: An Overview of Current Industry Best Practices."

The organization was founded by Microsoft, Symantec, EMC, SAP and Juniper to advance understanding and practices related to secure development and integrity controls. Our goal is to raise the security bar across the software industry to reduce vulnerabilities.

There is a small number of working groups within SAFECode, and I am very pleased to chair the Development Processes working group.

Over time, SAFECode will produce many resources to help raise the state-of-the-art in software security.

SAFECode is a great example of "industry helping industry," because it is led by people who have "been there, done that" and have the battle scars to prove it. All members have had security vulnerabilities and learned from the vulnerabilities and changed their processes to help deliver more secure code for customers.

A big benefit is SAFECode is it is not an academic or theoretical endeavor, everything produced by SAFECode will be practical and most importantly, known to improve software security.

Stay tuned.

Comments

  • Anonymous
    February 14, 2008
    PingBack from http://www.biosensorab.org/2008/02/14/introducing-safecode/

  • Anonymous
    February 15, 2008
    The number of times I see software that I'm installing that does not have a "verification signature"

  • Anonymous
    February 15, 2008
    The number of times I see software that I'm installing that does not have a "verification signature"

  • Anonymous
    February 16, 2008
    Kudos to the safecode initiative and the software security best practices whitepaper. Mr. Paul Kurtz has the right experience to advocate for software security assurance at government and industry level as he successfully did for information security assurance when he led the CSIA (Cyber Security Industry Alliance).

  • Anonymous
    March 02, 2008
    Yeah right, every time I see Symantec aka King Of Bloatware doing something on security my skin starts to crawl.

  • Anonymous
    March 18, 2008
    a {color : #0033CC;} a:link {color: #0033CC;} a:visited.local {color: #0033CC;} a:visited {color : #800080;}