The RSA Share Project: A Software Security Developer Community

This week, RSA, the Security Division of EMC, launched the RSA Share Project — an important milestone for those of us interested in advancing the adoption of security practices across the software developer community. According to the press release, the project is “designed to bring world-class security tools within reach of corporate and independent software developers” and “features the launch of a new online community designed to provide support, answers and strategies from security experts as well as no-cost access to technology from RSA”.

This directly intersects with two of the five fundamental aspects of software security assurance that I outlined in my post: People and Technology.

On the technology side, RSA is making BSAFE ® Encryption Toolkits available at no cost to application developers under the name RSA BSAFE Share. Ten years ago, I had to spend hundreds of thousands of dollars of my previous company’s money to acquire the license to use a BSAFE encryption toolkit. The same technology, upgraded for 21st century security and implemented in thousands of other IT products, is now available for software developers to integrate into their own commercial and non-commercial applications and products.

On the people side, RSA is complementing RSA BSAFE Share products with an on-line community for software developers. Make sure that you visit it and more importantly, participate!

I previously discussed the upsides and the downsides of the use of encryption by software developers. It’s good to know that developers who need to implement encryption can now have both — access to proven technology and an online community to discuss how to properly implement it.

About the Author: Eric Baize

Throughout his career, Eric Baize has been passionate about building security and privacy into systems and technology from design to deployment. He currently leads Dell EMC’s Product Security Office and serves as Chairman of SAFECode, an industry-led non-profit organization dedicated to advancing software and supply chain security best practices. At Dell EMC, Eric leads the team that sets the standards and practices for all aspects of product security for the product portfolio: Vulnerability response, secure development, consistent security architecture, and code integrity. Eric joined Dell through its combination with EMC where he built EMC’s highly successful product security program from the ground up and was a founding member of the leadership team that drove EMC’s acquisition of RSA Security in 2006. He later led RSA’s strategy for cloud and virtualization. Prior to joining EMC in 2002, Eric held various positions for Groupe Bull in Europe and in the US. Eric has been a member of the SAFECode Board of Directors since the organization was founded in 2007 and also serves on the BSIMM Board of Advisors. He holds multiple U.S. patents, has authored international security standards, is a regular speaker at industry conferences and has been quoted in leading print and online news media. Eric holds a Masters of Engineering degree in Computer Science from Ecole Nationale Supérieure des Télécommunications de Bretagne, France and is a Certified Information Security Manager. Follow Eric Baize on Twitter: @ericbaize
Topics in this article