SSDF BSIMM mapping updated for BSIMM14
Jun 18, 2024
|
8 min read
| CARVIEW |
Select Language
HTTP/2 200
x-vhost: blackduck
content-security-policy: default-src 'self' 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' data: blob: edge.adobedc.net adobedc.demdex.net *.adobe.com *.adobe.io cdn.cookielaw.org assets.adobedtm.com kit.fontawesome.com ka-p.fontawesome.com munchkin.marketo.net adobedc.demdex.net snap.licdn.com *.drift.com js.driftt.com js.zi-scripts.com j.6sc.co geolocation.onetrust.com ipv6.6sc.co c.6sc.co b.6sc.co epsilon.6sense.com px.ads.linkedin.com static.cloud.coveo.com boards.greenhouse.io *.mktoresp.com ws.zoominfo.com job-boards.greenhouse.io api.company-target.com *.org.coveo.com synopsysnonproduction2yln023as.analytics.org.coveo.com *.brighttalk.com brighttalk.com js.zi-scripts.com *.blackduck.com blackduck.com players.brightcove.net *.brightcove.com manifest.prod.boltdns.net *.brightcovecdn.com googletagmanager.com *.googletagmanager.com *.google.com *.google.ca *.google.co.uk google.co.in google.com *.google-analytics.com google-analytics.com googleads.g.doubleclick.net td.doubleclick.net *.googleapis.com *.gstatic.com *.leadspace.com *.clarity.ms *.bing.com *.bing.net *.bing-int.com *.6sc.co *.6sense.co 846-esg-342.mktoutil.com *.youtube.com;
cache-control: max-age=300
expires: Sat, 11 Oct 2025 14:39:30 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
accept-ranges: bytes
age: 0
date: Sat, 11 Oct 2025 14:34:31 GMT
strict-transport-security: max-age=31557600
set-cookie: affinity="a70f29eb7681d822"; Path=/; HttpOnly; secure
x-served-by: cache-bom-vanm7210080-BOM
x-cache: MISS
x-timer: S1760193270.121763,VS0,VS0,VE1107
vary: Accept-Encoding,User-Agent
content-length: 9670
Secure Code Review Expert Opinion | Mike Lyman
From this Author
Jul 17, 2017/4 min read
Jan 27, 2016/5 min read
When and how to support static analysis tools with manual code review
Jan 27, 2016
|
5 min read
Sep 23, 2015/7 min read
Mike Lyman
Mike Lyman is a senior security consultant at Black Duck. He works with customers on secure code reviews, vulnerability assessments, and trains developers in secure development. Prior to Black Duck, Mike spent 12 years with SAIC and helped create their software assurance offering for DoD customers at Redstone Arsenal, AL; pioneering most of the processes and procedures used by the practice. He learned IT security in the trenches with Microsoft's network security team throughout the heady days of SQL Slammer, Code Red, and Nimda. Prior to that, he was a software developer supporting US Army project offices at Redstone Arsenal and served on active duty as an officer in the US Army. He has been a CSSLP since 2008 and a CISSP since 2002.