Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Software security specifications
From: Jeff Williams (jeff.williamsaspectsecurity.com)
Date: Mon Feb 21 2005 - 23:22:40 CST
Check out the OWASP Secure Software Development Contract Annex
Everyone involved with a software contracting relationship of any kind, even
within a single application team, should have a discussion about security.
This document is a *starting point* and is intended to facilitate that
Please let the team know if this document is helpful, or if you don't like
the model. We're actively trying to improve the document.
The OWASP Foundation
----- Original Message -----
To: <webappsecsecurityfocus.com>; <secprogsecurityfocus.com>
Sent: Monday, February 21, 2005 11:17 AM
Subject: Software security specifications
>I need to develop a policy that will list security requirements for
> new applications developed internally or by contractors, general
> specifications like validate input ecc...., I am looking for some good
> resources on the subject, any recommendations?
> Best Regards,