This week, RSA, the Security Division of EMC, launched the RSA Share Project — an important milestone for those of us interested in advancing the adoption of security practices across the software developer community. According to the press release, the project is “designed to bring world-class security tools within reach of corporate and independent software developers” and “features the launch of a new online community designed to provide support, answers and strategies from security experts as well as no-cost access to technology from RSA”.
This directly intersects with two of the five fundamental aspects of software security assurance that I outlined in my post: People and Technology.
On the technology side, RSA is making BSAFE ® Encryption Toolkits available at no cost to application developers under the name RSA BSAFE Share. Ten years ago, I had to spend hundreds of thousands of dollars of my previous company’s money to acquire the license to use a BSAFE encryption toolkit. The same technology, upgraded for 21st century security and implemented in thousands of other IT products, is now available for software developers to integrate into their own commercial and non-commercial applications and products.
On the people side, RSA is complementing RSA BSAFE Share products with an on-line community for software developers. Make sure that you visit it and more importantly, participate!
I previously discussed the upsides and the downsides of the use of encryption by software developers. It’s good to know that developers who need to implement encryption can now have both — access to proven technology and an online community to discuss how to properly implement it.