Sunday, February 28, 2010

POLL - What is your experience with security in the Software Development LifeCycle?



Errata Security is conducting a survey on the real-world usage of software development methodologies such as Microsoft SDL, OWASP's SAMM, and BSIMM. We are interested in learning which organizations are successfully implementing these methods, and also the reasons companies are abstaining from using them. The survey went live over the weekend, and already we are collecting some very interesting experiences. The most noteworthy observation is how varied the responses have been. There appears to be no single solution that is correct for any two organizations. We will keep this survey up through the RSA Conference and the following week, and see if any patterns emerge.

To participate in this short survey, go to http://bit.ly/ErrataSurvey. If you would like a copy of the results of this survey, there is a request button at the end of the survey where you can enter your email address.

In order to encourage participation in this survey, and to explain the reasons behind it, I will be giving a lightning talk at Security B-Sides in San Francisco on March 3 at 12:00 PST.

Please share the survey link with software developers, security experts, product managers, or anyone involved in product development. Thanks!

1 comment:

Sandeep Dahiya said...

Software Development life cycle is the process which is followed to develop a software product. It is a structured way of building software applications. Most organizations have a process in place for developing software; this process may, at times, be customized based on the organization's requirement and the framework followed by the organization.