[SASAG] Anyone know a local or close to local Software Security Domain Expert?

Dave Cohoe dave.cohoe at gmail.com
Tue Jul 10 08:16:36 PDT 2007


FWIW, Security Innovation has some decent webcasts on Writing Secure
Code and Application Security at

These might be good for the brown bags you mentioned.


Dave Cohoe, CISSP, RHCT, MCP
"Adventure is just bad planning." - Roald Amundsen

On 7/9/07, members-request at lists.sasag.org
<members-request at lists.sasag.org> wrote:

> Date: Mon, 9 Jul 2007 07:44:22 -0700
> From: Leeland <leeland06 at greydragon.com>
> Subject: [SASAG] Anyone know a local or close to local Software
>         Security        Domain Expert?
> To: "Seattle Area System Administrators Guild"
>         <members at lists.sasag.org>
> Message-ID:
>         <a9b240980707090744n2fcdf600qf27ed5df815e4148 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> My company is trying to wrestle with the software security issues.
> Like most places they left security mostly to the end and are paying
> for it now. I am working on their Security Consortium group that has
> been formed to start pushing back into all areas (design, testing,
> development, and deployment) to improve security. Problem is most of
> the people here do not know the security lingo, best practices, etc.
> So I am looking for a few real world software security domain experts
> (with solid credentials). What I need right now is someone who can
> give a few short courses (that hopefully will not put people to sleep)
> that will introduce the big picture, and most importantly the
> established security terminology. In other words something like
> "Introduction to Software Security for Dummies".
> I am looking at SANS courses and Usenix too. But, we want to get ALL
> of the people in Qpass involved. So that means a few on site brown
> bags.
> Suggestions?
> Thanks in advance!
> + Leeland

More information about the Members mailing list