Strengthening Software Security through collaboration

by justiceadmin on Tuesday, September 16, 2008

This is a guest post from Brian Mizelle, a managing principal at Cigital.

Today, Microsoft announced the launching of its SDL Pro Network. Cigital is proud to be part of this pilot offering, and pleased to continue to take the message (and the delivery) of software security to the market. As a network of independent software security professionals, the SDL Pro Network will collectively take our best of breed experiences and work collaboratively to develop unified service offerings around Microsoft’s SDL methodology.

At Cigital we are proud of our extensive experience running more than six large-scale enterprise software security initiatives spanning customers in financial services, independent software vendors, and embedded systems. We have trained several thousand developers, architects and executives on the fundamentals of software security. We have rolled out tools and best practices for many of our best customers. We have helped to grow the software security market from its infancy. Cigital is the largest and most experienced software security services provider in the world, and we look forward to continuing our market leadership through our partnership with Microsoft.

The number of firms delivering software security services is small and forms a tightly knit community, including companies of varying sizes, experience and areas of expertise. As a group, we have all read and embraced the three top software security methodologies, including CLASP from OWASP, the Touchpoints from our own CTO Dr. Gary McGraw, and of course, Microsoft’s SDL. Regardless of what flavor of methodology our customers subscribe to, we all share the common goal of educating and delivering services that protect our clients’ assets and good name through better software security. Collaborative efforts that bring together the best minds in the business can only help improve what we do with our own customers and broaden our thoughts on the subject.

Kudos to Microsoft for pulling the SDL Pro Network together. Our clients will all benefit from the experience…stay tuned to this space for more.