Hi everyone, if you’re headed to RSA next week be sure to check out these sessions featuring SDL team members:

AND-202: Microsoft SDL Tools: Automating the Security Development Lifecycle

Wednesday, March 3, 9:10 AM

Katie Moussouris and Bryan Sullivan

(A preview of this session is available as a podcast at https://365.rsaconference.com/blogs/podcast-series-rsa-conference-2010/2010/02/19/and-202-microsoft-sdl-tools-automating-the-security-development-lifecycle-pk-session.)

EXP-202: Picking a Yardstick to Measure Your Software Security Practices

Wednesday, March 3, 9:10 AM

David Ladd, Eric Baize (EMC), Gary McGraw (Cigital), Richard Pethia (Carnegie Mellon University)

HOT-203: Responsible Disclosure: It’s Their Fault!

Wednesday, March 3, 10:40 AM

Katie Moussouris, Martin McKeay (Network Security Blog), Brad Arkin (Adobe Systems), Tim Stanley (Continental Airlines), Steve Dispensa (PhoneFactor), Michael Barrett (PayPal), HD Moore (The Metasploit Project)

(A preview of Katie Moussouris speaking on the topic of Responsible Disclosure can be found at https://admin.secure.streamos.com/streamos/player/flv/?url=http://rsa.edgeboss.net/flash/rsa/rsaconference/2010/us/podcasts/rsac_02-03-10-hot-203-moussouris.mp3.)

AND-304: Threat Modeling: Lessons Learned & Practical Ways to Improve Your Software

Thursday, March 4, 1:00 PM

Adam Shostack and Danny Dhillon (EMC)