|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Software security specifications
From: Jeff Williams (jeff.williams
aspectsecurity.com)
Date: Mon Feb 21 2005 - 23:22:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Check out the OWASP Secure Software Development Contract Annex
(http://www.owasp.org/documentation/legal.html)
Everyone involved with a software contracting relationship of any kind, even
within a single application team, should have a discussion about security.
This document is a *starting point* and is intended to facilitate that
discussion.
Please let the team know if this document is helpful, or if you don't like
the model. We're actively trying to improve the document.
--Jeff
Jeff Williams
The OWASP Foundation
www.owasp.org
----- Original Message -----
From: <i.matildegmail.com>
To: <webappsecsecurityfocus.com>; <secprogsecurityfocus.com>
Sent: Monday, February 21, 2005 11:17 AM
Subject: Software security specifications
>I need to develop a policy that will list security requirements for
> new applications developed internally or by contractors, general
> specifications like validate input ecc...., I am looking for some good
> resources on the subject, any recommendations?
>
> Best Regards,
>
> Shawn
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]