New York adds security to contracts -- Government Computer News

SOFTWARE

New York adds security requirement to software contracts

Empire State to require vendor review of top 25 vulnerabilities

By Kevin McCaney
Jan 21, 2009

New York state, making quick use of the recently released top 25 list of the most dangerous programming errors, plans to require the state’s software vendors to analyze their products against the list, InternetNews.com has reported.

New York officials plan to include a requirement in all contracts requiring vendors to document how their software has mitigated or otherwise addressed those common weaknesses. The state also has developed a program with universities and colleges to train students in secure programming.

The top 25 list, managed by the Sans Institute and Mitre with support from the National Security Agency and the Homeland Security Department’s National Cyber Security Division, is culled from more than 700 entries in the Common Weakness Enumeration database. Released on Jan. 12, it is designed to identify the most significant errors that programmers should concentrate on.

About the Author

Kevin McCaney is the managing editor of Government Computer News.

NASA: Prize money a bargain for better software01/09/2012
Supreme Court hears Microsoft's argument for patent reform04/19/2011
Can you trust your data recovery vendor?09/03/2010
Sophos offers free tool for Windows Shortcut flaw07/28/2010
Opalis now runs on Windows Server 200812/01/2010

Share this Page

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)

Your Email:(optional)

Your Location:(optional)

Comment:

Please type the letters/numbers you see above

Related Podcasts

Unified Computing: An Agile Platform for Your Next Gen Virtualized Data Center

Related Webcasts

Related White Papers

More Resources

GCN eNewsletters

Editorial Webcasts

Service Consolidation: How to Avoid Basic Pitfalls of Shared Services
This is the first webcast of the Series “Future First: Three Steps to Data Center Transformation”. Plan to attend this webcast to support your agency efforts to design a practical roadmap for consolidation of resources and shared services to meet current and emerging program demands. Learn from those who are doing to help you evaluate services in your current operations that may lend themselves to future shared service arrangements. Read more

What is your e-mail address?

Do you have a password?

HOT TOPICS

Resource Center

New York adds security requirement to software contracts

Related Articles

Share this Page

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Kennedy assassination tapes a hit on FDsys site

What you need to know about big data

Big data spawns new breed of 'data scientist'

New York sues big banks over mortgage database

The 3 steps to securing an Android smart phone