Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Brian Chess (Fortify Software)
March 2009 - Podcast An Experience-Based Maturity Model for Software Security

Topics: Software Assurance

In this podcast, participants discuss how observed practice, represented as a maturity model, can serve as a basis for developing more secure software.

February 2009 - Podcast An Alternative to Risk Management for Information and Software Security

Topics: Cyber Risk and Resilience Management

In this podcast, Brian Chess explain how standards, compliance, and process are better than risk management for ensuring information and software security.