The Software Assurance Forum for Excellence in Code (SAFECode) has set up an international board of advisors to...
help advance software assurance methods.
The announcement at the RSA Conference Europe in London comes a year after major IT suppliers set up the non-profit organisation.
SAFECode is dedicated to increasing trust in information and communications technology products and services through the advancement of secure software development practices and effective assurance methods.
SAFECode's international board of advisors includes representatives of government agencies, private-sector organisations and academic institutions from around the world.
Paul Kurtz, executive director of SAFECode, said the board will help guide the organisation's efforts to improve the security and integrity of software.
"We share a common belief that software assurance plays a vital role in strengthening the security of our information infrastructure and we are thrilled to have the opportunity to leverage the diverse expertise and insight of this board," he said.
SAFECode members are EMC, Juniper Networks, Microsoft, Nokia, SAP, and Symantec.
Kurtz said these organisations work under non-disclosure agreements to share information on best practices for developing secure code and would welcome new members, including experts from the open source community.
"We would like to expand and are most interested in organisations who develop software every day, which includes those in the open source community and outside the US and Europe," he said.
SafeCode has published a guide to the most effective secure development practices in use today drawn for the collective experience of its membership.
The organisation plans to concentrate on ways of developing a secure supply chain, the value of industry certifications, and further research and development around secure coding practice, said Kurtz.
What is SAFECode?
The Software Assurance Forum for Excellence in Code (SAFECode) is a non-profit organization exclusively dedicated to increasing trust in information and communications technology products and services through the advancement of effective software assurance methods. SAFECode is a global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services.Its members include EMC Corporation, Juniper Networks, Inc., Microsoft Corp, Nokia, SAP AG and Symantec Corp.
SAFECode board of advisors
- William C. Barker, Chief Cyber Security Advisor, National Institute of Standards and Technology
- Matt Bishop, Professor, Department of Computer Science, University of California, Davis
- Paul Dorey, Director, CSO Confidential & Chairman of the Institute of Information Security Professionals
- Claudia Eckert, Professor, Fraunhofer Institute for Secure Information Technology
- Zoltán Hornák, Budapest University of Technology and Economics, SEARCH Security Evaluation Analysis and Research Laboratory
- Alan Paller, Director of Research, SANS Institute
- Joachim Posegga, Chair of IT-Security, Institute for IT Security and Security Law (ISL), University of Passau
- Juha Röning, Professor, University of Oulu (Finland)
- Reijo Savola, Network and Information Security Research Coordinator, VTT Technical Research Centre of Finland
- Dan S. Wallach, Associate Professor, Department of Computer Science, Rice University (Houston, Texas)