SAFECode is a global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services. We created this blog so that we could keep you posted on new developments in software assurance and our ongoing work in this area.
Please note that the opinions expressed in this blog are those of the writer or contributor and do not necessarily reflect the opinions of SAFECode or its member companies.
Eric Baize, SAFECode Chairman and Senior Director, Product Security and Trusted Engineering for EMC Corporation 2016 is off to a fast start for our industry and it is no different for SAFECode. It is possible that there has been no more important time than now to focus on software security assurance. Software has become so […]READ MORE
Today’s post is authored by Prof. Howard A. Schmidt, SAFECode Executive Director Today’s news of the availability of our Principles for Software Assurance Assessment is a key milestone and deliverable in SAFECode’s mission to increase trust in information and communications technology products and services through the advancement of proven software assurance methods. The key benefits […]READ MORE
Steve Lipner, the man behind Microsoft’s Security Development Lifecycle, and SAFECode chairman until his retirement from Microsoft earlier this year has just been inducted into the National Cyber Security Hall of Fame. All of the SAFECode board members have been privileged to work closely with Steve over many years and we all know firsthand that […]READ MORE
Many of you may have heard about the recent debate regarding the U.S. Department of Commerce’s proposed rule to implement the Wassenaar Arrangement 2013 plenary agreement on intrusion and surveillance software (RIN 0694-AG49), as published in 80 Fed. Reg. 28853 on May 20, 2015. The SAFECode community recognizes that the proposed rule was originally meant […]READ MORE
On a recent trip to Washington, DC, I had the opportunity to participate in a series of meetings with policymakers on Capitol Hill and in the Administration to discuss SAFECode’s (Software Assurance Forum for Excellence in Code) role in and commitment to improving software security. If you’re not familiar with SAFECode, I encourage you to […]READ MORE
Last year at RSA, vendors, customers and security experts came together to debate the future of software security assessment. The message was clear: there is a growing frustration over the lack of a widely accepted method for assessing the security of acquired software – and not just from customers, but also from the vendors themselves. […]READ MORE
Today’s post was written by Prof. Howard A. Schmidt. In last week’s State of the Union address, President Obama discussed the importance of increasing protections for both consumers and businesses from cyber threats. Though this is not the first time cybersecurity has been mentioned in a State of the Union address, its inclusion in last week’s […]READ MORE
Today’s post was written by SAFECode Executive Director Howard A. Schmidt. I am pleased to officially welcome Huawei, NetApp, Sonatype and Veracode as SAFECode’s newest members. Each of these companies brings unique perspective and expertise to our efforts and we look forward to working with them. They will join current SAFECode members in collaborative work […]READ MORE
Today, we continue our Meet SAFECode series with an interview with Codenomicon’s Mike Ahmadi. Mike is one of our newer members and we couldn’t be happier to have him as part of our team. Interview with Mike Ahmadi, CISSP, Global Director of Business Development at Codenomicon Q. From the DNS flaw to Heartbleed, we’re seeing […]READ MORE
Today’s post is authored by Prof. Howard A. Schmidt, SAFECode Executive Director Consensus is not easily reached within the information security community. Sure, after spending some time on Twitter it may appear that we all just enjoy a good debate. But it is just as likely a reflection of the complexity of issues we face […]READ MORE