Home > ASQ Washington, DC &... > Events > CANCELLED: Software SIG:...
Printable Version
Tell a friend
CANCELLED: Software SIG: Secure SDLC – SW Assurance
Where
MITRE McLean; FDA Silver Spring; MITRE Bedford MA; MITRE Eatontow
MITRE-2 room 1N100, 7525 Colshire Drive, McLean, VA 22102
FDA, Bld 66, room G512, 10903 New Hampshire Avenue, Silver Spring, MD
various, Maryland
703-983-6127
When
December 20, 2011
Software Assurance: Enabling Enterprise
Resilience and Software Supply Chain Risk
Management
by: Joe
Jarzombek
Tuesday December 20, 2011
With today’s global IT software supply chain, project management and software/systems engineering processes must explicitly address security risks posed by exploitable software. Traditionally, these disciplines have not clearly and directly focused on software security risks that can be passed from projects to the organization. Software security assurance processes and practices span development and acquisition and can be used to enhance project management and quality assurance activities. Mr. Jarzombek explains the critical need for adherence to the practices, guidelines, rules, and principles used to build security into every phase of software development. He addresses how the Common Weakness Enumeration (CWE) provides the characterization of exploitable software constructs, and he discusses why this is needed to advance software security assurance.
Joe served in the U.S. Air Force as a
Lieutenant Colonel in program management. After
retiring from the Air Force, he worked in the
cyber security industry as vice president for
product and process engineering. Joe
also served in two software-related positions
within the Office of the Secretary of Defense
prior to accepting his current DHS
position.
The National Cyber Security Division
(NCSD) works collaboratively with public,
private, and international entities to secure
cyberspace and America’s cyber assets. To
protect the cyber infrastructure, NCSD has
identified two overarching
objectives:
• To build and maintain an
effective national cyberspace response system
• To implement a cyber-risk management program for the protection of critical infrastructure
For details, see the December Software SIG Announcement.
5:30 PM –
Networking and
Pizza(*)
5:50 – 6:50 PM –
Program
(*) There is no cost to attend at McLean
and Silver Spring.
Locations:
The presentation will originate at the
McLean facility, with video
tele-conferencing (VTC)
between:
|
MITRE-2, room 1N100 7515 Colshire
Drive McLean, VA 22102 host: Scott
Ankrum cell:
240-731-7581 |
FDA, Bld 66, room
G512 10903 New Hampshire
Ave Silver
Spring, MD 20993 cell: 301-996-4976 |
| ||
|
|
Your location could be here! |
MITRE, room 1M306 202 Burlington Rd (Rt.
62) Bedford, MA 01730 host: Tim Rice cell: 978-758-2704 | ||
If you can host
another location via VTC, please contact
Scott Ankrum (below)
TO ATTEND THE MeetingPlace
Collaboration
CONFERENCE:
1. Go to:
http://audioconference.mitre.org/ 2.
Click on Attend Meeting. If MeetingPlace
Collaboration Window does not automatically
open, press connect. 3. Dial your telephone to
connect to the audio of the
meeting.
·
Dial 703-983-6338
(x36338) from the Washington DC
region.
·
Dial 781-271-6338
(x16338) from the Bedford, MA
region.
Meeting ID:
509509, when prompted.
Meeting Password: 05090509, when
prompted.
Visit
http://audioconference.mitre.org to test your
web browser for compatibility with the web
conference. Follow
this link to
the browser test link on the page.
Registration:
Registration
Website: http://www.asq509.org/ht/d/DoSurvey/i/26913
You must
register by noon on Monday, December
19.
If you cannot attend at any location,
select telephone dial-in when you
register.
To RSVP for FDA (Silver Spring),
please indicate
citizenship. If not a US citizen,
please provide your title, employer, and
address.
Allow 2 business days for
registration before the
meeting.
Add To Outlook
Add To Google