More and more enterprises are realizing the importance of proactive security practices and those involved in critical infrastructure are no exception. One of the most effective ways to drive security improvements in critical infrastructure is through industry consensus. Microsoft has been deeply involved...

Hi All. Doug here, In April 2011 Forrester Research wrote a new study on Application Security. This study, titled Application Security: 2011 & Beyond led by Dr Chenxi Wang, Lead Analyst at Forrester Research, provides valuable research, insights and recommendations for security and risk professionals...

Hi All – Doug here… Earlier this year, Microsoft worked with Forrester Consulting and Dr. Chenxi Wang, Lead Analyst on secure application development, to survey the current state of application security amongst 150 of the largest corporations in the US and Canada. I talked about it in...

Hi All – Doug here… We recently had the opportunity to get an inside look into a large company’s journey addressing a web application security incident that led to a deep analysis and change in how a development organization builds security into their software development process...

Hello all - Dave here... I wanted to take a few moments to alert you to a new publication from Trustworthy Computing entitled "The SDL Progress Report." This work has been in progress for a number of months and incorporates data and analysis from various groups in our organization. We hope you find...

Doug Cavit here to talk about a presentation I’m giving at the RSA Conference featuring findings from a Forrester Consulting thought leadership paper we recently released. We’re often asked, “What is the real return on investment for putting a secure application development program...