About Juniper

Press Releases

Navigation
Leading Technology Companies Form Industry Group to Advance Software Assurance

SAFECode to promote best practices for the delivery of more secure and reliable software, hardware and services Paul Kurtz named executive director

Arlington, VA. and London (RSA Conference Europe) - Oct. 23, 2007 - A group of leading information and communications technology companies today announced the formation of the Software Assurance Forum for Excellence in Code (SAFECode), a non-profit organization exclusively dedicated to increasing trust in information technology (IT) products and services through the advancement of proven software assurance methods. Founded by EMC Corporation, Juniper Networks, Inc., Microsoft Corporation, SAP AG and Symantec Corp., SAFECode is the first global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services.

As the global dependence on information and communications technology has grown, users have become increasingly concerned over the integrity, security and reliability of software, hardware and services, especially those in the government, critical infrastructure and enterprise sectors. The need to reduce IT vulnerabilities, improve resistance to attack, and protect supply chain integrity has never been more important than in today's increasingly complex and dynamic threat environment. To help achieve these objectives and strengthen the security of the IT ecosystem, SAFECode unites key stakeholders in an effort to advance software assurance by developing and promoting a set of methods for secure product development and integrity controls that protect software, hardware and services across the global supply chain.

While individual companies have implemented effective methods for developing and delivering more secure and reliable software, hardware and services, there has been no coordinated, industry-led effort to build upon this positive work and promote best practices to advance software assurance more broadly. SAFECode fills this critical gap by bringing together subject matter experts to identify and share proven vendor software assurance practices, promote broader adoption of such practices into the cyber ecosystem, and work with governments and critical infrastructure providers to leverage vendor practices to manage enterprise risks.

  • Increase understanding of the secure development methods and integrity controls used by vendors
  • Promote proven software assurance practices among vendors and customers to foster a more trusted ecosystem
  • Identify opportunities to leverage vendor software assurance practices to better manage enterprise risks
  • Foster essential university curriculum changes needed to support the cyber ecosystem
  • Catalyze action on key research and development initiatives in the area of software assurance

To help SAFECode achieve its objectives, the organization has named Paul Kurtz, a recognized cyber security expert, as its executive director. Currently a partner at Good Harbor Consulting LLC, Kurtz most recently served as the founding executive director of the Cyber Security Industry Alliance (CSIA). Prior to CSIA, he served in senior positions on the White House's National Security and Homeland Security Councils under Presidents Clinton and Bush.

"Software assurance is a critical element of IT ecosystem security. By building on the positive work already done in this area by individual firms and encouraging broader adoption of proven best practices for the development and delivery of more secure technology products and services, SAFECode has a unique opportunity to significantly impact the overall security and reliability of the cyber infrastructure," said Paul Kurtz, executive director of SAFECode. "With the support of its founding members, SAFECode will work to meet to growing demand for information and dialogue on software assurance and increase the trust in IT and communications products and services."

Membership in SAFECode is open to information and communications technology vendors with significant global business activity in technology products such as hardware, software and services who have demonstrated a commitment and dedicated resources to software assurance. In addition, SAFECode will be assembling an advisory of government leaders and critical infrastructure operators from around the globe to better understand and respond to key software assurance challenges.

About SAFECode

The Software Assurance Forum for Excellence in Code (SAFECode) is a non-profit organization exclusively dedicated to increasing trust in information and communications technology products and services through the advancement of proven software assurance methods. Founded by EMC Corporation, Juniper Networks, Inc., Microsoft Corporation, SAP AG and Symantec Corp., SAFECode works to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services. For more information, please visit www.safecode.org.

Supporting Comments from SAFECode Founding Members:

"The development of secure products is at the very core of EMC's commitment to delivering an inherently secure information infrastructure. We joined SAFECode because we believe that industry collaboration is essential to the advancement of software assurance." - Eric Baize, senior director, Product Security Office at EMC Corporation

"Modern, innovative businesses view their applications and networks as critical to their mission success, and require the highest levels of assurance from the software, hardware, and systems they deploy in order to keep pace with escalating business demands and evolving security risks. By helping to found SAFECode, Juniper is taking a leadership position in advancing the efforts already underway within the private sector to ensure the security and integrity of software and hardware products. Juniper and SAFECode will help drive the technology industry toward more proactive, preventative risk management." - Robert B. Dix, Jr., vice president, Government Affairs, for Juniper Networks

"Microsoft is committed to collaborating on software security and sharing best practices with the IT industry. We are excited to partner with this group of leaders and together work on the SAFECode initiative to create a safer cyber ecosystem." - Steve Lipner, senior director of Security Engineering Strategy for Microsoft

"The software industry - like the automotive, food or pharmaceutical industry - needs clear standards for security and reliability. At SAP we consider it as our social responsibility to participate in such an initiative to share and extend the already existing activities of our company." - Prof. Dr. Sachar Paulus, Senior Vice President Product Security, SAP

"Our customers trust Symantec to maintain the integrity, availability and confidentiality of their information and assuring the security of our products has always been a top focus for us. SAFECode is an important initiative for the entire industry, and as a founding member we are proud to play an active role in establishing high standards for secure software development practices." - Rob Clyde, vice president of technology, Symantec Corporation