Errata Security has released the results of their survey today, Integrating Security into the Software Development LifeCycle, finding that more than half of the participants said they included preventative security activities in the development lifecycle of their product.
Highlighting the progress that the Microsoft Security Development Lifecycle team has made via investments in security and privacy fundamentals to offer innovative software development processes and technologies, the survey found that most popular formal software security assurance methodology was the Microsoft SDL, followed closely by Microsoft SDL for Agile methodologies. 35% of companies are using SDL for Agile – reflecting the high level of interest in the newly released SDL-Agile methodology.
This survey was conducted over a two-week period and gathered information from 46 different companies both online and at events around the RSA 2010 Conference. It was specifically designed to ask people in the software development community about how they integrate security solutions into their development lifecycle.