In the News
Incentives for Improving Software Security: Product Liability and Alternatives
Lawfare
How ISACs might factor into software assurance
APNIC
Software liability is still vexing some stakeholders as NTIA transparency effort advances
Inside Cybersecurity
Meet Steve Lipner: New ISPAB chairman points to British IoT baselines as a good example
Inside Cybersecurity
Securing Software in the Digital Age: BSA Software Security Framework
Adobe Blog
Staffing the Software Security Team: Who You Gonna Call?
DARKReading
SD Times news digest: Revamped Codefresh adds streamline tool, SAFECode gets several new members, CloudBees joins Automotive Grade Linux, Talend announces advancements to Data Fabric
SD Times
BSA releases framework for secure software
ComputerWeekly
Accenture, Splunk and UTC join SAFECode, Veracode rejoins the organization
HELPNETSECURITY
Cloud Security Alliance Publishes New Paper, The Six Pillars of DevSecOps: Automation
Cloud Security Alliance
ZoomInfo Renews TRUSTe Enterprise Privacy Certification and Joins Security Sharing Nonprofit SAFECode
Business Wire
Agencies Shouldn’t ‘Just Trust’ Software Vendors’ Security Assurances, IG Warns
Nextgov
A blueprint for cyber supply chain risk management
Security
The importance of a policy-driven threat modeling approach
TechTarget
Can Regulatory Mandates Secure Software Development?
DevOps.com
Nonprofits Form Cyber Coalition
Info Security
New ‘Nonprofit Cyber’ Coalition Aims to Amplify Good Cybersecurity Advice
American Security Today
The 6 Pillars of DevSecOps: Pillar One-Collective Responsibility
DevOps.com
Continued investments in supply chain security in support of the cybersecurity Executive Order
Microsoft
What’s hot at #RSAC? Here’s our picks for the big show
Security Boulevard
Software supply chain security fixes gain prominence at RSA
CSO
Software supply chain security fixes gain prominence at RSA 2022
Reseller News
How to grow a secure software culture from the inside out
Dell Technologies
How DevSecOps Empowers Citizen Developers
Dark Reading
White House Calls for ‘Attestations’ of Secure Practices from Third-Party Software Providers
ATDMAG
Agencies Shouldn’t ‘Just Trust’ Software Vendors’ Security Assurances, IG Warns
FocusTechnica
Registration is required
Secure Software Development in an Agile Environment
By Gurock
Quick Hits
By Federal Computer Week
Steve Lipner Appointed Chair of NIST Information Security and Privacy Advisory Board
By Dark Reading
Software products aren’t cookies
By Steve Lipner, Contributor, CSO
Press Releases
Accenture, Splunk, UTC and Veracode Join SAFECode
Companies to Contribute Secure Software Development Expertise to Industry Group Wakefield, Mass. – May 1, 2019 – The Software Assurance Forum for Excellence in Code (SAFECode) announced today that Accenture, [...]
Steve Lipner Appointed Chair of NIST Information Security and Privacy Advisory Board
Wakefield, Mass. – November 15, 2018 – At a meeting this month in Washington, D.C., the U.S. National Institute of Standards and Technology (NIST) announced that Steve Lipner, executive director [...]
SAFECode Publishes Fundamental Practices for Secure Software Development: Essential Elements of a Secure Development Life Cycle Program
3rd Edition Releases Guidance Updates and Adds Security Best Practices to Reflect Current and New Considerations in Areas of Third-Party Components, Security Issue Management and Vulnerability Response and Disclosure. Wakefield, [...]
Steve Lipner Named Fellow of (ISC) ²
The Software Assurance Forum for Excellence in Code (SAFECode) announced today that SAFECode Executive Director Steven B. Lipner was named a Fellow of (ISC)² at its 2017 Security Congress in Austin, TX.
SAFECode Unveils Software Best Practices for Threat Modeling and Third Party Components White Papers
Developers and threat modelers can more effectively assess and defend against risk by leveraging the papers’ guidance on vulnerability types and best practice mitigation methods Wakefield, Mass. – May 10, [...]
SAFECode Raises the Bar with Latest Guidance in Threat Modeling and Managing Third Party Components
SAFECode members collaborate cross industry to address the latest security threats and vulnerabilities. Adobe, Dell EMC, Microsoft, Siemens AG, Symantec, Intel and others provide advance preview of best practices for [...]
Media Contact
Carol Fusaro
Virtual Inc.
[email protected]