[SASAG] Anyone know a local or close to local Software Security Domain Expert?

Troy Davis troy at yort.com
Wed Jul 18 07:29:46 PDT 2007


Leeland wrote:

> So I am looking for a few real world software security domain experts
> (with solid credentials). What I need right now is someone who can
> give a few short courses (that hopefully will not put people to sleep)
> that will introduce the big picture, and most importantly the
> established security terminology. In other words something like
> "Introduction to Software Security for Dummies".

On behalf of your users and customers, thanks.  Just realizing it's a
teachable, coachable, improvable process and acting on that puts you a
head above most.

I've worked with, and been very impressed with, two resources.  Talk to
both.

 - Creation Logic (Mike Simon).  Mike's not afraid to dig into
technically and politically challenging situations, mix in the exact
skills and knowledge they need, and help every stakeholder get something
from it.  He's taught infosec at the UW.  creationlogic.com

 - IOActive (Josh Pennell).  These guys set the gold standard globally
for code security audits.  They help "the usual suspects" who need it,
when not busy winning DEFCON CTF.  ioactive.com


Troy



More information about the Members mailing list