Errata Security

Advanced persistent cybersecurity

Showing posts with label SDLC. Show all posts

Showing posts with label SDLC. Show all posts

Friday, August 09, 2013

The Rob Test: 12 Steps to Safer Code

Joel Spolsky has a famous list of " 12 Steps to Better Code ". I thought I'd create a similar list for safer, more secure code...

Thursday, January 13, 2011

Comment on "Layer 8: Connecting the risk dots."

(This post is a response to the blog post at " Layer 8: Connecting the risk dots ," mostly because I typed the whole thing out on ...

Tuesday, November 02, 2010

A discussion at SecTor on Rogue Secure Development

Last week I presented a new methodology for developing secure code called Rogue Secure Development (pdf). The talk was at SecTor in Toronto...

Thursday, September 16, 2010

Adobe misses low hanging fruit in Reader

One of the most common features of "secure development" is the ability to avoid functions that are known to be dangerous, functio...

Tuesday, August 24, 2010

DLL exploit not a job for secure coding programs

The big " zero-day " exploit this week was the malicious Windows DLL payload brought to the spotlight by Rapid7's HD Moore. T...

Sunday, April 04, 2010

Errata Security releases the results of the survey on secure coding practices

Errata Security released the results of a survey conducted over the week of Security B-Sides and the RSA Conference in San Fr...

Sunday, February 28, 2010

POLL - What is your experience with security in the Software Development LifeCycle?

Errata Security is conducting a survey on the real world usage of software development methodologies such as Microsoft SDL, OWASP's SA...

View web version

Powered by Blogger.