The concept of Agile security does not have to be a contradiction in terms. The Microsoft SDL team has defined a set of process improvements that increase security focus while respecting the need to release new code on an ultra-short timeline.

In the November 2008 issue of MSDN Magazine, Bryan Sullivan explains how Microsoft has adapted SDL to better suit the needs of teams with Agile development processes.

Also, be sure to test your security IQ – questions and answers by Michael Howard and Bryan Sullivan -- and check out Bryan’s previous article on SDL for Web app development.