Tag Archives: SDLC
Outsourcing, Cost Cutting and the Boeing 737 Max Debacle
August 12, 2019 – 6:00 am
When we thought that Boeing had come up with ways to mitigate the risks that resulted in two major air crashes, we learn that Boeing has been outsourcing their software development to Indian companies that hired newbie temporary programmers for as little as $9 per hour, as described in a June 28,…
The Quest for Secure and Resilient Software
July 19, 2010 – 6:00 am
Secure and Resilient Software Development (CRC Press, 2010) by Mark Merkow and Laksh Raghavan is a really good book. It addresses a key security area that is generally given short shrift, even though purportedly more than 70 percent of breaches result from attacks on the application layer. The…
BSIMM – Top Ten Surprises
May 26, 2009 – 6:00 am
In a prior column, I described the results of a survey conducted by Gary McGraw, Sammy Migues and Brian Chess published in the BSIMM (Build Security In Maturity Model) report, available at http://bsi-mm.com/. Most of the results are intuitively obvious … after the fact, that is. But some…
The OCC and Application Security: Vindication at Last