Update software to reduce risk of cyber attack, top suppliers tell business - 6/29/2011 - Computer Weekly
Quote, “Businesses are unnecessarily exposing themselves to cyber attack simply by failing to update to the latest versions of the software they are running, according to Microsoft and Adobe.
Both software companies are developing products using a security development lifecycle (SDL) approach first introduced by Microsoft in 2004 and later adopted and adapted by Adobe, where it was rolled out between 2009 and 2010, and entered the first phase of automation in 2010 to 2011.
The SDL, called the secure product lifecyle (SPLC) at Adobe, is integrated into the development lifecycle and enables continuous improvement in the security posture of software products, said Steve Lipner, senior director, security engineering strategy, at Microsoft's Trustworthy Computing (TwC) group.”