Our friends over on the security blog have put together a series of posts about SDL and compliance that are worth reading. Drawing on numerous sources, including our SDL and HIPAA whitepaper, our SDL and PCI DSS/PA-DSS whitepaper, and our SDL Chronicles, among others, they’ve compiled some valuable data on the use of SDL to support multiple compliance requirements during software development. Feel free to take a look and grab the whitepapers if you don’t already have them.