CWE/SANS Top 25 Documents & Podcasts
OWASP Interview with MITRE
February 23, 2009 — OWASP Podcast Series #11
Federal Security Spotlight
February 5, 2009 — Federal Security Spotlight this week looks behind the scenes in the creation of a new tool for security professionals. The Top 25 Most Dangerous Programming Errors are found in government and industry software, and if programmers can be trained not to write them in, cyber security could improve. The list was the joint work of Mitre Corporation and the SANS Institute, and we talk to Bob Martin, a software expert at Mitre; and Alan Paller, the research and education head of SANS Institute. (Links mentioned during the show: SANS TOP 25 Most Dangerous Programming Errors, Application Security Procurement Language)
SDL and the CWE/SANS Top 25
January 27, 2009 — MSDN Blogs: The Security Development Lifecycle
Application Security Procurement Language
New York State has produced draft procurement standards to allow companies to buy software with security baked in.
If you wish to join the working group to help improve the procurement guidelines, go to the New York State Cyber Security and Critical Infrastructure Coordination web site at www.cscic.state.ny.us/resources/aspl.cfm.
Draft New York State procurement language will be posted at www.sans.org/appseccontract.