Introducing SAFECode

Today SAFECode, the Software Assurance Forum for Excellence in Code, introduced its first white paper, "Software Assurance: An Overview of Current Industry Best Practices."

The organization was founded by Microsoft, Symantec, EMC, SAP and Juniper to advance understanding and practices related to secure development and integrity controls. Our goal is to raise the security bar across the software industry to reduce vulnerabilities.

There is a small number of working groups within SAFECode, and I am very pleased to chair the Development Processes working group.

Over time, SAFECode will produce many resources to help raise the state-of-the-art in software security.

SAFECode is a great example of "industry helping industry," because it is led by people who have "been there, done that" and have the battle scars to prove it. All members have had security vulnerabilities and learned from the vulnerabilities and changed their processes to help deliver more secure code for customers.

A big benefit is SAFECode is it is not an academic or theoretical endeavor, everything produced by SAFECode will be practical and most importantly, known to improve software security.

Stay tuned.

Comments (6)
  1. The number of times I see software that I'm installing that does not have a "verification signature"

  2. MVPs says:

    The number of times I see software that I'm installing that does not have a "verification signature"

  3. Marco Morana says:

    Kudos to the safecode initiative and the software security best practices whitepaper. Mr. Paul Kurtz has the right experience to advocate for software security assurance at government and industry level as he successfully did for information security assurance when he led the CSIA (Cyber Security Industry Alliance).

  4. Igor Levicki says:

    Yeah right, every time I see Symantec aka King Of Bloatware doing something on security my skin starts to crawl.

  5. a {color : #0033CC;} a:link {color: #0033CC;} a:visited.local {color: #0033CC;} a:visited {color : #800080;}

Comments are closed.

Skip to main content