SAFECode is a global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services. We created this blog so that we could keep you posted on new developments in software assurance and our ongoing work in this area.
Please note that the opinions expressed in this blog are those of the writer or contributor and do not necessarily reflect the opinions of SAFECode or its member companies.
By: Stacy Simpson, SAFECode
A key principle guiding SAFECode’s work has always been our belief that secure software development can only be achieved with an organizational commitment and a holistic assurance process. But what does that mean in practice?READ MORE
By: Stacy Simpson, SAFECode
Next week, tens of thousands of security professionals will gather once again in San Francisco to talk all things security, including software security. At SAFECode, this is one of our favorite times of the year, despite the fact that many might not know we are even there.READ MORE
By Vishal Asthana, Security Compass (former) with Altaz Valani, Security Compass
Ever wonder what it is like to work on a SAFECode project team? Two of our Champions – Vishal Asthana and Altaz Valani were kind enough to participate in a short Q&A; about their experience working on the Security Champions and other SAFECode projects.READ MORE
This is the closing post to our Security Champions Series. Read all of the posts below. Part One: Start 2019 Strong: Join SAFECode for Our Month of Champions Part Two: Building Secure Software: It Takes a Champion Part Three: Putting a Face to Software SCs Part Four: How to Build an Effective Security Champions Program […]READ MORE
Security Champions Podcast: Final Thoughts
Hosted by John Martin, Boeing. Featuring Tania Ward, Dell and Nick Ozmore, Veracode
As the Month of Champions comes to an end, join the Security Champions Team as they offer some parting advice on developing a successful Security Champions program.READ MORE
Part One: Start 2019 Strong: Join SAFECode for Our Month of Champions Part Two: Building Secure Software: It Takes a Champion Part Three: Putting a Face to Software SCs Part Four: How to Build an Effective Security Champions Program Part Five: Warning: Six Signs Your Security Champions Program is in Trouble Part Six: Kicking off […]READ MORE
By Vishal Asthana, Security Compass (former) with Manuel Ifland, Siemens
This post will cover how to roll out a Security Champions (SC) program in a sustainable way. As you can imagine, kicking off the program with a huge disruption to engineering’s workflow will not help repair security’s reputation as an obstacle. So, a thoughtful kick-off is key to successful program adoption.READ MORE
By Tania Ward, Dell with Altaz Valani, Security Compass
Sometimes, despite the best intentions, Security Champion (SC) programs can run into trouble. Often, when launching a new initiative, it takes a bit of trial and error to get things rightREAD MORE
By: Tania Ward, Dell with Altaz Valani, Security Compass
In our first blog post on this topic we explained the need to support a security culture within the software development lifecycle (SDLC) and the key role of Security Champions (SCs) in helping us meet that need. In the second blog post we dove deeper into the core skills and capabilities of a SC. In this blog post, we answer the question, “How do you build an effective SC program in your organization?”READ MORE
Hosted by Altaz Valani, Security Compass and featuring Izar Tarandach, Autodesk and Vishal Asthana, Security Compass (former).
Listen in as members of the Security Champions team share insight into the development of a robust Security Champion.READ MORE