Uncategorized

Izar Tarandach & Brook S.E. Schoenfield A couple of years ago I was engaging a new team into our Secure Development Life cycle (SDL) process. One of the initial activities is Threat Modeling, and in discussion with a product architect, I was asked, “We have a working design here, and now you want to come […]

READ MORE

By Eric Baize, Chairman of the Board, SAFECode   SAFECode members crowded into Jillian’s directly across from the Moscone Center in San Francisco on February 15, 2017 for SAFECode’s Second Annual RSA Conference Breakfast.  Seventeen SAFECode members were honored with recognition awards for their work at the event on four white papers that are currently […]

READ MORE

Recent security incidents exploiting weaknesses in Internet of Things (IoT) devices have demonstrated that software assurance is no longer just an issue for traditional information technology suppliers and end user organizations. Here’s why: Recent attacks have shown that connected devices can be exploited to launch large scale attacks Connected Internet-of-Things (IoT) devices cannot hide their […]

READ MORE

All of us at SAFECode are looking forward to working with our new Executive Director Steve Lipner, appointed December 1, 2016. While all of the SAFECode board members have been privileged to work closely with Steve over many years, we thought you’d enjoy learning more about him. We took a moment to ask Steve a […]

READ MORE

Five SAFECode board members visited Washington DC earlier this month and met with representatives of the US Federal government interested in cybersecurity. With the growing awareness amongst policy makers of the importance of software security assurance and its critical role in cybersecurity, it is important to further educate policy makers on this complex issue and […]

READ MORE

(By Vishal Asthana – vishal@securitycompass.com) Most organizations either have their own centra​​l security teams or rely on external security consultants for building and rolling out AppSec programs. As a starting point, a couple of cooperative development teams are selected for a “pilot rollout”. Upon seeing ​successful implementation results from a subset of the pilot candidates (development teams), the security […]

READ MORE

On March 2nd, during the RSA Conference, SAFECode honored Steve Lipner who stepped down from as the Chairman of SAFECode in 2015 when he retired from Microsoft. First to honor Steve was Glenn Pittaway, a Senior Director at Microsoft in the area of assurance, and SAFECode Board Member. Glenn has worked closely with Steve at […]

READ MORE

Eric Baize, SAFECode Chairman and Senior Director, Product Security and Trusted Engineering for EMC Corporation 2016 is off to a fast start for our industry and it is no different for SAFECode. It is possible that there has been no more important time than now to focus on software security assurance. Software has become so […]

READ MORE

Today’s post is authored by Prof.  Howard A. Schmidt, SAFECode Executive Director Today’s news of the availability of our Principles for Software Assurance Assessment is a key milestone and deliverable in SAFECode’s mission to increase trust in information and communications technology products and services through the advancement of proven software assurance methods. The key benefits […]

READ MORE

Steve Lipner, the man behind Microsoft’s Security Development Lifecycle, and SAFECode chairman until his retirement from Microsoft earlier this year has just been inducted into the National Cyber Security Hall of Fame. All of the SAFECode board members have been privileged to work closely with Steve over many years and we all know firsthand that […]

READ MORE

Software Assurance Forum for Excellence in Code (SAFECode) - All Rights Reserved