I read a news article about SANS & Partners Secure
Coding Assessment and
Certification Exams for Programmers.
http://www.se
curityfocus.com/news/11454
This webpage gives a lot of details about it, who is doing
this, and how
they score, etc:
http://www.sans-ssi.org/
I copied and paste the Project Goals from that site:
* Allow employers to rate their programmers on security
skills so they
can be confident that every project has at least one
"security master" and
all of their programmers understand the common errors and
how to avoid
them.
* Provide a means for buyers of software and systems
vendors to
measure the secure programming skills of the people who work
for the
supplier.
* Allow programmers to identify their gaps in secure
programming
knowledge in the language they use and target education to
fill those
gaps.
* Allow employers to evaluate job candidates and
potential consultants
on their secure programming skills and knowledge.
* Provide incentive for universities to include secure
coding in
required computer science, engineering, and programming
courses.
* Provide reporting to allow individuals and
organizations to compare
their skills against others in their industry, with similar
education or
experience or in similar regions around the world.
Sounds interesting ...
Jeremy C. Reed
_______________________________________________
BSDCert mailing list
BSDCert lists.nycbug.org
http
://lists.nycbug.org/mailman/listinfo/bsdcert
|
