A look inside the security development lifecycle at Microsoft
This article outlines how to apply the Security Development Lifecycle (SDL) to your own software development processes. I will explain how you can take some of the lessons we have learned at Microsoft when implementing SDL, so you can use these concepts in your own development process. But before I get started, I want to make clear that SDL is process-agnostic as far as how you go about developing software.
By Michael Howard at Microsoft.
[ Read more ]