Microsoft Security Development Lifecycle - Secure software made easier.
Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
Doug Cavit here. I’m happy to announce that we have now released The SDL Chronicles. We have been working with many outside institutions to help document their secure application development journey and what they learned. Together, these stories make up The SDL Chronicles. It is really interesting to me to see all these stories collectively rather than as individual pieces. It is much easier now to see the similarities in what all of these institutions underwent in understanding the new challenging threat landscape. They then built consensus for not just doing the “quick fix” but for solving the problem systemically through a cultural shift. From this effort they were able to realize not only the benefits of enhanced security but also reaping direct benefits for doing the right thing in terms of more productivity and an excellent ROI. All of these stories conclusively show that process and culture matters and while it may take some time and resources the net result is worth the investment.