Recently, I had a great conversation with my friend Adam Shostack about a petition I started for the Canadian government to adopt a Secure Coding Policy that I wrote. Adam pointed out that my policy is very specific. Much more so than other government guidance like NIST or CISA’s publications. And he’s right! But I…
Why we need to start giving significantly more specific security advice
