By Anthony Dulay, Boeing with Souheil Moghnie, NortonLifeLock and Loren Brent Cobb, Boeing In the digital age, data is everywhere. More people than ever before are using internet-connected, application-centric devices that collect and use some type of data about their users. In fact, according to statista.com there are approximately 75.44 billion devices connected to the […]READ MORE
By Kostya Serebryany, Software Engineer, Google
C/C++ memory (un)safety remains a significant threat to security and stability of user-space applications and OS kernels. More than half of all high/critical security vulnerabilities across all major ecosystems are memory safety bugs , 
Tania Ward is a Consultant Program Manager for Dell Technologies and a member of the SAFECode Technical Leadership Council. Tania Ward has lived the role of a Security Champion throughout her career and is now passing on her wisdom and expertise to others. In her current role at Dell Technologies, Tania oversees the security training […]READ MORE
By Steve Lipner, Executive Director This week, the National Initiative for Cybersecurity Education (NICE), led by the National Institute of Standards and Technology (NIST) within the U.S. Department of Commerce is hosting National Cybersecurity Career Awareness Week (NCCAW). The goal is to focus on local, regional, and national interest to inspire, educate, and […]READ MORE
*First published September 20, 2019
By Steve Lipner, Executive Director, SAFECode
Do a quick search on secure development and you’ll find pages and pages of advice and best practices. You could relatively quickly create a long checklist of best practices and how-tos covering everything from how to create a threat model to the dos and don’ts of avoiding cross site-scripting mistakes. Newer articles and papers might focus in on applying secure development to mobile applications or making it work in a DevOps…READ MORE
By Steve Lipner, Executive Director, SAFECode.
Recruiting developers and testers from the product group is a great way to build a top-notch application security team. Here’s why.READ MORE
By Vishal Asthana, Security Compass (former) with Altaz Valani, Security Compass
Ever wonder what it is like to work on a SAFECode project team? Two of our Champions – Vishal Asthana and Altaz Valani were kind enough to participate in a short Q&A; about their experience working on the Security Champions and other SAFECode projects.READ MORE
Hosted by Altaz Valani, Security Compass and featuring Izar Tarandach, Autodesk and Vishal Asthana, Security Compass (former).
Listen in as members of the Security Champions team share insight into the development of a robust Security Champion.READ MORE
Tania Skinner, Intel
Understanding the fundamentals of secure development and where to start is the message I delivered to an audience of software quality engineers, developers, testers and more at the Pacific Northwest Software Quality Conference (PNSQC). My technical presentation titled “Security Tsunami! SDL Fundamentals and Where to Start” was delivered October 8, 2018 in Portland, Oregon.