Greetings. Perhaps you’ve heard that as of this week Microsoft’s Trustworthy Computing (TwC) initiative is ten years young: “At 10-Year Milestone, Microsoft’s Trustworthy Computing Initiative More Important than Ever.” 

In this post, we’d like to point you to a couple of posts written by Microsoft Press authors who played key roles in the initiative:

  • Steve Lipner (Senior Director of Security Engineering Strategy at Microsoft), along with Michael Howard, authored The Security Development Lifecycle (Microsoft Press, 2006), which described Microsoft’s implementation of the Security Development Lifecycle (SDL). (You’ll find much more about Microsoft’s use of the SDL and the software development community’s use of similar models via the first link in this post. The Security Development Lifecycle was a very early effort to share SDL best practices with the community.) Steve talks about the TwC initiative in “Trustworthy Computing’s 10 Year Milestone – Reflecting on Humble Beginnings.”
  • Michael Howard (Principal Cybersecurity Architect), along with David LeBlanc, authored two editions of Writing Secure Code (Microsoft Press, 2001; Microsoft Press, 2004). Michael shares his view of the first ten years of TwC in “What a Journey It Has Been.” 

Congrats, guys, on helping improve software security the past decade.