This section of the website is designed to support current SAFECode members. If your company is a member of SAFECode, feel free to contact our Member Helpdesk for more information on anything you see on this page. Not sure if you are a Member? Check your membership status here. Like what you see on this page but not currently a Member? Learn more about joining the collaboration.
This Month’s Highlights
Welcome to our new website! We hope you find this Member-focused page helpful in keeping up-to-date with SAFECode activities. Take a look and see what interests you. And if you want us to explore a topic you don’t see listed, give us a shout with your idea here. Most importantly, we hope that you and your families are staying safe and healthy during these unprecedented times.
SAFECode Member-Only Brown Bag Series
More companies are building digital products that they sell to customers than ever before. The process of designing, building, and maintaining these customer-facing products differs in many ways from building back-end IT infrastructure. Security concerns for these products differ greatly from traditional network-centric IT security, prompting many organizations to create separate product security departments.
As customers and regulators demand secure products, the role of Chief Product Security Officer is an increasingly strategic position that helps leading product manufacturers secure competitive advantage. In this discussion, panelists discuss the evolving function of Product Security, how it differs from traditional information and cybersecurity, and experience in the role of Chief Product Security Officer.
For more information on how you can access our past sessions or organize one of your own, please email us here.
Featured Working Group: Security Training
SAFECode has long been recognized for its free security training courses and expertise in creating and managing in-house security engineering training programs. This working group is carrying the torch by revisiting our current courseware where needed, creating new courses based on shared demand, and refreshing our guidance around security training program management. If you are working on an internal training initiative, having trouble finding the training content you need, or have a training success story to share, this group is for you.
Focus on Fuzzing
At SAFECode, members often compare notes on secure development practices that are proving effective in our individual software security efforts. One of the most commonly cited of these practices is fuzzing. Fuzzing, sometimes referred to as fuzz testing, is an automated software testing technique that involves providing invalid, unexpected, random, or semi-random data as input to a computer program. The program is then monitored for exceptions such as hangs, crashes, failing built-in code assertions, or potential memory leaks.
This Fuzzing series discusses things such as: what types of fuzzing exist and which one to choose in a specific case; what tools are available for various languages and ecosystems; how and why to fuzz continuously; and, how fuzzing fits into the larger software development lifecycle.
New content is added regularly so be sure to follow the series here
Collaborate with Your Peers at Other Member Companies
SAFECode offers a number of ways for employees of member companies to collaborate with each other. Our working groups are always open to new members. Take a look below and reach out at [email protected] if you’d like to get involved. To make sure you always have the latest information on new working groups, please join us in our member portal.
SAFECode Members can contact our Member Helpdesk for information on event sign-ups, working group opportunities, and any other questions they may have. For more specific inquiries, see below.