(ieeecs-media.computer.org)

180 points beryilma | 1 comments | 21 Oct 24 19:16 UTC | HN request time: 0.216s | source

Show context

tptacek ◴[21 Oct 24 21:44 UTC] No.41908836[source]▶

>>41907412 (OP) #

SWEBOK 4 adds a dedicated section for security, but it's painfully 2012 (testing, for instance, centers on the old industry-driven "SAST" vs. "DAST" distinction). It also promotes stuff like Common Criteria and CVSS. The "domain-specific" security section could have been pulled out of the OWASP wiki from 2012 as well: "cloud", "IOT", "machine learning".

replies(2): >>41910272 #>>41911429 #

1. mixmastamyk ◴[22 Oct 24 05:21 UTC] No.41911429[source]▶

>>41908836 #

Believe it is supposed to be slow-moving, keeping to settled matters. Have those fallen out of favor, or shown to be wrong already?

↑

Software Engineering Body of Knowledge (SWEBOK) v4.0 is out [pdf]