Shostack + Friends Blog Archive


Microsoft Security Lifecycle

Michael Howard mentions that Microsoft has published their Software Development Lifecycle for security.

Slag all you want, but I don’t see a lot of other vendors doing this. And now, if you need leverage to get buy in, you can either say, “We should emulate Microsoft…” or “Even Microsoft does…” It’s a win. Thanks for making it available.