[ISN] DHS site offers security tools, tips for software developers
InfoSec News
isn at c4i.org
Thu Oct 6 00:06:05 EDT 2005
http://www.gcn.com/vol1_no1/daily-updates/37218-1.html
By Patience Wait
GCN Staff
10/05/05
The Homeland Security Department has launched a secure portal to
provide best practices, tools and other resources for creating more
reliable and secure software for developers and security
professionals.
The new Web site, Build Security In [1], was developed in conjunction
with the Carnegie Mellon Software Engineering Institute. It was
unveiled at a software assurance forum this week co-hosted by DHS and
the Defense Department.
The site takes a building-block approach, with content areas separated
into different phases of the software development life cycle such as
architecture and design, systems analysis and testing, and
implementation. Within each area, articles are compiled discussing
best practices for that particular aspect of software development.
Andy Purdy, acting director of DHS' National Cyber Security Division,
told forum participants that improving the security and reliability of
software is a critical element in protecting the nation's
infrastructure.
Software assurance efforts have to "shift the paradigm from patch
management to true software assurance," Purdy said. "Our objectives
are to raise the awareness on software quality and security by
improving software development and acquisition processes and
practices."
[1] http://buildsecurityin.us-cert.gov/
More information about the ISN
mailing list