Posted by: Jessica Scarpati
secure software development, Security Wire Weekly
Chris Wysopal, CTO of Veracode on code analysis and how the SANS/CWE Top 25 Programming Errors list can be applied effectively by software development groups.
SANS releases revised top 25 serious coding errors list
The latest list adds profiles to help organizations tailor the list to their needs and mitigation techniques to help software developers apply better practices to the SDL.
New York drafts language demanding secure code:
State will demand software makers certify their software does not contain the coding errors listed in the CWE/SANS Top 25 Dangerous Programming Errors.
SANS: Application threats, website flaws pose biggest security threats:
A new report from the SANS Institute calls flaws in client-side applications often the most ignored by IT professionals.