Across the Software Development Life Cycle
Task force members have considered how to achieve meaningful
and measurable vulnerability reductions through collaborative
standards, tools and measures for software; new tools and methods
for rapid patch deployment; and best-practice adoption across
the entire critical infrastructure. The work has included discussion
of how to build — and how to teach building — secure
software from the ground up, as an embedded and simple feature
in all software systems going forward. This important task
force is comprised of software experts from the vendor, systems
integration and end-user communities.
Full Report (PDF)
Subgroup Appendix (PDF)
Moritz, Computer Associates
Holleyman, President and CEO, Business Software Alliance
Paralegal Schools: AL, AB, AZ, BC, CA, CO, CT, FL, GA, HI, ID, IL, IN, IA, KS, KY, ME, MA, MI, MN, MO, NE, NV, NH, NJ, NM, NY, NC, OH, OK, ON, OR, PA, SC, SD, TN, TX, UT, VA, WI
Benzel, Information Sciences Institute/University of Southern
Cohen, Burton Group
Danahy, Ounce Labs, Inc.
Davis, Software Engineering Institute
Dill, PivX Solutions, Inc.
Fleming, SH&E, International
Air Transport Consultancy
Foat, Defense – wide
Information Assurance Program
George, National Security Agence
Guerrino, Bank of New York
Humphrey, Software Engineering Institute
Jagadeesan, Lucent Technologies
Jarzombek, Office of Assistant Secretary of Defense
Kim, AlphaInsight Corporation
Lewis, Center for Strategic and International Studies
Lloyd, Hewlett Packard
Millar, Hewlett Packard
Ozier, ISSA – GAIP Executive Committee
Payne, Cigital, Inc.
Redwine, James Madison University
Schwalm, Good Harbor
Shively, PivX Solutions, Inc.
Vasudevan, Sand Hill Group
Venkataraman, Appstream Inc.
Zibulski, SAP Labs