The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Its core purpose is to help organizations improve their software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
In this presentation, Mark Sherman and Aaron Ballman discuss the need for secure coding standards, the methodology for common rule development, and systematic rule development. They also discuss how CERT Coding Standards give
developers actionable guidance to create secure code
tool makers guidance to create testers for secure code
acquirers actionable requirements for licensed or developed code