By Tim Greene
Network World
February 08, 2010
Three respected security professionals have issued a call for developers to learn and practice secure programming in an effort to reduce the number of exploits directed at applications.
Called the Rugged Manifesto, the document encourages developers to adopt characteristics that will lead them to write more secure applications.
The three authors of the manifesto are Josh Corman, an analyst with The
451 Group; David Rice, formerly with the National Security Agency and author of Geekonomics, a book about the real cost of insecure software; and Jeff Williams, the chairman of OWASP, an organization focused on Web application security. The trio announced the project at the SANS Institure AppSec Conferenc in San Francisco Monday.
The problem now, Corman says, is that developers write code assuming the only task is to make it perform a function. But that can lead to programs riddled with vulnerabilities that can in turn lead to economic damages, lost data and lost productivity. "We have to get to the mass of programmers who simply don't realize their code is being attacked and subverted by talented and persistent adversaries," he says.
The three are trying to motivate developers to aspire to rugged ideals and to learn how their code can be more secure. It's a philosophy or value set accompanied by business cases showing why it makes economic sense to write rugged software rather than dealing later with the consequences of vulnerable software.
skip to main |
skip to sidebar
10% off Kaspersky Internet Security 2010
10% off Kaspersky Internet Security 2010 - Everything you Need for a Secure and Safe Internet Experience Offer Expires 08/10/10
Coupon Code: KASUK10%OFF
10% off Kaspersky Internet Security 2010
10% off Kaspersky Internet Security 2010 - Everything you Need for a Secure and Safe Internet Experience Offer Expires 08/10/10
Coupon Code: KASUK10%OFF
Huge Discounts with iRemove
