CII’s Nicko van Someren weighs in on the Common Vulnerability and Exposures (CVE) assigment system and the implications of delay, giving attackers time to develop and refine their tools and techniques.
Christina Mulligan reports on CII’s latest news announcing its investment in the Open Web Application Security Project Zed Attack Proxy project (OWASP ZAP), a security tool designed to help developers identify vulnerabilities in their web apps.
CII’s Emily Ratliffe describes the dangers of development teams living below the security poverty line.
Read more at SecurityWeek.
Randal Schwartz and Guillermo Amaral of FLOSS Weekly interview The Linux Foundation’s senior director of security infrastructure Emily Ratliff and David Wheeler of The Institute for Defense Analyses (IDA) and an expert on developing secure software and on open source software.
The Core Infrastructure Initiative (CII) Best Practices badge is a way for Free/Libre and Open Source Software (FLOSS) projects to show that they follow best practices. Projects can voluntarily self-certify, at no cost, by using this web application to explain how they follow each best practice.
Watch the episode here.
Gunnar Hellekson interviews Dr. David A. Wheeler and Emily Ratliff about the launch of CII’s Best Practices Badge program.
Listen to it at The Dave and Gunnar Show.