Jeremy Dallman here. I wanted to let you know about a great paper from Fortify, one of our newest SDL Pro Network Tools members. The paper highlights the Microsoft SDL approach to secure software development and shows how Fortify’s security solutions can help you implement the SDL and create/deploy more secure software.
At RSA 2010 last week, Fortify published a paper titled “Optimizing the Microsoft SDL for Secure Development: Fortify Solutions to strengthen and streamline a Microsoft SDL Implementation.” This paper does an excellent job of explaining the challenges of developing secure software, detailing the Microsoft SDL approach to secure software development, and mapping Fortify’s solution offerings to each SDL Practice based on the Simplified Implementation of the SDL.
If you are looking for tools to support your implementation of the SDL, I would encourage you to read through Fortify’s paper to see if their solutions can help you.