Following are the development resources referenced in the Security Development Lifecycle breakout at the ISV CTO Summit:

• Overview of SDL http://msdn.microsoft.com/security/sdl

• Visual Studio 2005 Team Edition http://msdn.microsoft.com/library/en-us/dnvs05/html/vs05security.asp

• App Verifier http://msdn.microsoft.com/library/en-us/dnappcom/html/appverifier.asp  

• FXCop http://www.gotdotnet.com/team/fxcop

• Writing Secure Code, Second Edition http://www.microsoft.com/mspress/books/5957.asp

• Threat Modeling http://www.microsoft.com/mspress/books/6892.asp

• Threat Modeling Web Applications http://msdn.microsoft.com/library/en-us/dnpag2/html/TMWA.asp