After SANS released the list of top 25 the most dangerous programming errors that developers make, many organizations have taken serious steps to require their development team as well as third party vendors to analyze the code against the list.
Next in line are state departments. New York state officials plan to include a requirement in all contracts requiring third party vendors to document how their software has mitigated or otherwise addressed those common weaknesses. In addition to planning to include security-specific language in procurement contracts, New York State has developed a cyber academy with top universities and colleges in the state to train students in the basics of secure application development.
