Industry News Coverage - 2010 Archive
Industry News Coverage - 2010 Archive
Below is a comprehensive monthly review of the news and other media's coverage of CWE. A brief summary of each news item is listed with its title, author (if identified), date, and media source.
Federal News Radio, March 10, 2010
Federal News Radio interviewed CWE/CAPEC Program Manager Robert A. Martin on March 10, 2010 about CWE and the Top 25 Most Dangerous Programming Errors. In the interview, entitled "Top federal software security holes exposed," Martin states: "The big problem is that traditional education in our country and across the world for software developers, for testers, for program managers has pretty much ignored this area. We put them into our software because we didn't know how they happened. So the CWE, the full Common Weakness Enumeration and then this prioritized part of the CWE, which we're calling the Top 25 Most Dangerous Programming Errors is basically an education tool at the first level. These are issues you should be aware of. You should ask your developers "have you been trained to recognize these if someone puts them in accidentally? Do you know how to program around these so that you don't introduce them?" You test people. "Do you know how to try to misuse and abuse your system?" So that, if there any of these latently in your software, you can find them before the user has it in his hands." A summary of the interview was published on the Federal News Radio Web site.
Federal News Radio, March 3, 2010
Federal News Radio interviewed Joe Jarzombek, director for software assurance in the National Cyber Security Division of the Department of Homeland Security, on March 3, 2010 about software assurance. In the interview, entitled, "Software assurance affects more than just programmers," Jarzombek "explains why the CWE benefits cyber security -- and why this impacts more than programmers." A summary of the interview was published on the Federal News Radio Web site.
February 2010
February 2010
2010 CWE/SANS Top 25 Programming Errors List Receives Extensive News Coverage
CWE and the SANS Institute posted the completed 2010 CWE/SANS Top 25 Programming Errors on the CWE and SANS Web sites on February 16, 2010. A collaboration between the SANS Institute, MITRE, and over 40 top software security experts in the U.S. and Europe, the list provides detailed descriptions of the top 25 programming errors along with authoritative guidance for mitigating and avoiding them.
The release received extensive news media coverage:
- Top 25 Most Dangerous Programming Errors Revealed, InformationWeek, February 16, 2010
- Hold vendors liable for buggy software, group says, Computerworld, February 16, 2010
- Top 25 Programming Errors Highlight Application Security Challenges, eWeek, February 16, 2010
- SANS Institute, MITRE release new top 25 dangerous coding errors list, SearchSecurity.com, February 16, 2010
- Top 25 most dangerous programming errors, Help Net Security, February 16, 2010
- Experts: Developers Responsible for Programming Problems, CIO, February 16, 2010
- Security agencies release Top 25 programming errors,Government Computer News, February 16, 2010
- 25 ways to better secure software from cyber attacks, Scientific American, February 16, 2010
- Is It Time For Software Liability?, InformationWeek blog, February 16, 2010
- Top 25 programming errors for 2009 announced in Washington D.C., neowin.net, February 16, 2010
- Top 25 most dangerous programming errors, net-security.org, February 16, 2010
- Top 25 Most Dangerous Programming Errors Revealed, Information Week, February 16, 2010
- Proposal Would Hold Software Developers Accountable For Security Bugs, DarkReading, February 16, 2010
- Top 25 Programming Errors Highlight Application Security Challenges, eWeek, February 16, 2010
- Software developers are to blame for most cyberattacks, say security experts, Emily Long, nextgov, February 16, 2010
- Security Experts: Developers Responsible for Programming Problems, CSO Magazine, February 16, 2010
- MITRE, List of 2010's Most Dangerous Programming Errors, TheServerSide.com, February 16, 2010
- Top 25 Programming Errors: Should Software Developers be Liable?, Bankinfo Security, February 16, 2010
- Is It Time For Software Liability?,Information Week, February 16, 2010
- Group Proposes Suits Over Faulty Code, Gov Info Security, February 16, 2010
- The top 25 most dangerous programming errors, Sunbelt Blog, February 16, 2010
- Experts: Developers Responsible for Programming Problems, Computerworld/IDG Norway, February 16, 2010
- HLRL: Common Security Vulnerabilities, HoffmanLabs.com blog, February 16, 2010
- 2010 SANS Top 25 Most Dangerous Programming Errors Released, cgisecurity.com, February 16, 2010
- 16 Feb 2010: Red Hat's Top 11 Most Serious Flaw Types for 2009, awe.com blog, February 16, 2010
- CWE/SANS Top 25 Most Dangerous Programming Errors 2010, WebApp Focus Profile, TacticalWebAppSec blog, February 16, 2010
- 2010 CWE/SANS Top 25 Most Dangerous Programming Errors Released, The Falcon's View, February 16, 2010
- Interesting Information Security Bits for 02/16/2010, Infosec Ramblings, February 16, 2010
- Security agencies release Top 25 programming errors, Government Computer News, February 17, 2010
- Software vendors should be legally liable for buggy code, CIO Magazine, February 17, 2010
- SANS/CWE top 25 most dangerous programming errors, iTWire, February 17, 2010
- Research Highlights Top 25 Programming Errors Cross-site scripting tops the list, Softpedia, February 17, 2010
- Top 25 Programming Errors list updated, The H, February 17, 2010
- Top 25 programming errors uncovered, Computer Business Review, February 17, 2010
- List Of Top 25 Most Dangerous Programming Errors Published, ITProPortal, February 17, 2010
- Top 25 coding errors – are your software suppliers secure?, ComputerWeekly.com, February 17, 2010
- SANS Top 25 Most Dangerous Programming Errors, the same as very often..., infosecuritymagazine.com/blog, February 17, 2010
- Experts reboot list of 25 most dangerous coding errors, The Register, February 17, 2010
- Software vendors should be legally liable for buggy code, CIO Magazine, February 17, 2010
- Programmers blamed for cyberattacks, Federal News Radio, February 17, 2010
- Developers: The 25 Most Dangerous Programming Errors, Slashdot, February 17, 2010
- Top 25 coding errors, are your software suppliers secure?, Computer Weekly, February 17, 2010
- List Of Top 25 Most Dangerous Programming Errors Published, ITProPortal, February 17, 2010
- Experts list dangerous coding errors, ITweb, February 17, 2010
- 2010 CWE/SANS Top 25 Most Dangerous Programming Errors, DevX.com, February 17, 2010
- New group calls for holding vendors liable for buggy software, Homeland Security Newswire, February 17, 2010
- Application security and Top 25 coding errors, Security Wire Weekly podcast, February 17, 2010
- Research Highlights Top 25 Programming Errors, Cross-site scripting tops the list, Softpedia, February 17, 2010
- 2010 CWE/SANS Top 25 Most Dangerous Programming Errors Published, ditii.com, February 17, 2010
- Use of hard-coded credentials, a dangerous programming error: CWE, ManageEngine.com blog, February 17, 2010
- Top 25 Dangerous Programming Errors Updated, ThreatPost blog, February 17, 2010
- Bug Free Software, It's The Law!,blog.utest.com, February 17, 2010
- Top 25 Programming Errors list updated, h-online.com, February 17, 2010
- I Repeat Myself When Under Stress, I Repeat Myself When Under Stress, Cigital.com, February 17, 2010
- When will Vendors provide Risk Assessments of their products?, blog.kraasecurity.com, February 17, 2010
- SANS/CWE top 25 most dangerous programming errors, iTWire, February 18, 2010
- Security groups outline top 25 programming errors for 2010, infosecurity.com, February 18, 2010
- Report Profiles Top Software Security Coding Errors, Application Development Trends, February 18, 2010
- Report Profiles Top Software Security Coding Errors, Redmund Channel Partner Online, February 18, 2010
- SANS Names Mistakes That Cause Vulnerability, InternetNews.com, February 18, 2010
- New York State holds software developers accountable, infosecurity.com, February 18, 2010
- SANS Names Mistakes That Cause Vulnerability, CodeGuru.com, February 18, 2010
- Experts consolidate to make software companies liable for program flaws, Ecommerce Journal, February 18, 2010
- Daily Dose - 25 Most Dangerous Programming Errors Updated, Javalobby, February 18, 2010
- Report Profiles Top Software Security Coding Errors, Redmond Developer News, February 18, 2010
- Security agencies release Top 25 programming errors, FCW.com, February 18, 2010
- 2010 CWE/SANS Top 25 Most Dangerous Programming Errors, DZone, February 18, 2010
- Daily Dose, 25 Most Dangerous Programming Errors Updated, DZone, February 18, 2010
- JavaRanch, CodeRanch.com, February 18, 2010
- SANS Names Top 25 Programming Errors, CodeGuru.com, February 18, 2010
- Thousands of Companies and Their Computers Hacked In Newly Discovered Coordinated Attack, IEEE Spectrum blog, February 18, 2010
- Review of Top 25 document, jducoeur.livejournal.com, February 18, 2010
- sans top 25 released, and thoughts on procurement contracts, terminal23.net, February 18, 2010
- Software Glitches Will Take Down Your Company, blog.weblayers.com, February 18, 2010
- Mitternachtshacking, Midnight Hacking, February 18, 2010
- Top 25 Coding Errors, Geek News Central, February 19, 2010
- application of Top 25 to control systems, digitalbond.com, February 19, 2010
- 2010 CWE/SANS Top 25 Most Dangerous Programming Errors Released, 12robots.com, February 22, 2010
- On MeeGo, a Budding Geek and the 25 Most Dangerous Programming Errors, LinuxInsider, February 22, 2010
- Top federal software security holes exposed, Federal News Radio, March 10, 2010
- Die 25 gefahrlichsten Programmierfehler, Germany
- Which of the Top 25 is the most dangerous?, France
- Neuauflage der 25 schlimmsten Programmierfehler, Austria
- Top 25 der Programmierfehler revisited, Germany
- Maak softwarebedrijven verantwoordelijk voor fouten, Netherlands
- Windows Administrator Blog, Thailand
- CWE/SANS Top 25 Most Dangerous Programming Errors 2010, Russia
- Nov seznam najpogostej.ih napak programerjev, Slovenia
- prog.hu, Hungary
- Top 25: cele mai periculoase erori de programare, Romania
- las 25 fallas de desarrollo de aplicaciones, Spanish
- Korean IDG, Korea
- 25 vaarallisinta koodausmokaa, Finland
- Die 25 gefahrlichsten Programmierfehler, Germany
- itviikko.fi, Finland
- Ecco la lista dei 25 errori di programmazione piu pericolosi, Italy
- root.cz, Czech Republic
- Os 25 erros de programacao mais perigosos, Brazil
- Descubierta y corregida una vulnerabilidad de seguridad en Google Buzz, Spain
- Lista traz os 25 piores erros de programacao, Brazil
- 25 najniebezpieczniejszych bledow programistycznych, Poland
- 25-najgrozniejszych-bledow-programisty, Poland
- Petindvajset najnevarnejsih programerskih napak, Slovak Republic
- IT News, Slovak Republic
- Les 25 erreurs de programmation les plus courantes, France
- cnblogs, China
- journal.mycom.co.jp/news, Japan
- Japanese Slashdot, Japan
- le Top 25 des erreurs de programmation, France
- WNZ: Top 25 kodefejl du ikke skal lave, Denmark
- op 25 gevaarlijkste programmeerfouten, Netherlands
- Datubazes, Latvian translations, Latvia
- dimka.lv, Latvia
- Los 25 errores de programacion mas comunes, Spain
- nixu.fi, Finland
More information is available — Please edit the custom filter or select a different filter.
|
