September, 2008

  • The Security Development Lifecycle

    SDL Sessions at BlueHat

    • 4 Comments
    Bryan here. Last January, I wrote a post on this blog bemoaning the difficulty of making security interesting and “ sexy ” to developers. Applied research conferences generally place a much greater emphasis on revealing new vulnerabilities and new attack...
  • The Security Development Lifecycle

    SDL and the XSS Filter, Revisited

    • 3 Comments
    Bryan here. Since Steve called me out in his post on the XSS Filter last week, I feel obligated to clarify my position. ☺ I believe that the SDL blog is mainly for development teams; after all, development is the D in SDL. Now, development teams are made...
  • The Security Development Lifecycle

    New addition to the starting line-up...

    • 3 Comments
    Hey all – Dave here… Wanted to drop a quick note to introduce the latest member of the SDL team - Katie Moussouris! Many of you may already know Katie from her past work on the MSRC Ecosystem Strategy Team or her tenure at Symantec and @Stake. ...
  • The Security Development Lifecycle

    SDL Press Tour Announcements

    • 2 Comments
    Steve Lipner here. Last week I participated in a “press tour” talking to press and analysts about the evolution of the SDL. Most of our past discussions with press and analysts have centered on folks who follow security, but this time we also spoke...
  • The Security Development Lifecycle

    About the SDL Pro Network

    • 2 Comments
    Hello all, Dave here... I expect that a number of you have seen the announcement and various press articles or Steve Lipner's Tuesday post about our launch of the SDL Threat Modeling Tool 3.0, the SDL Optimization Model and the SDL Pro Network . Since...
Page 1 of 1 (5 items)