By Steve Lipner, Executive Director, SAFECode.

Today, we joined the Cloud Security Alliance (CSA) in releasing a new framework for thinking about DevSecOps in a cloud environment. The paper, “The Six Pillars of DevSecOps: Achieving Reflexive Security through Integration of Security, Development and Operations,” defines six focus areas critical to implementing and integrating DevSecOps into an organization.

By Steve Lipner, Executive Director, SAFECode.

Recruiting developers and testers from the product group is a great way to build a top-notch application security team. Here’s why.

By Steve Lipner, SAFECode Executive Director This week, the Business Software Alliance released The BSA Framework for Software Security. The document aims to provide a consolidated framework that brings together best practices in a manner that can be effectively described and communicated, regardless of the development environment or the purpose of the software. Specifically, according […]

I recently came across an article in SD Times published a few weeks ago called Major Software Makers Fail Security Transparency Test.  Apparently the editors had asked a group of software vendors for information on the principles that they use for writing secure software.  Unfortunately, they did not receive many responses to their requests, which […]