Security Development Lifecycle
Since I am the new developer of a internal tool which used by Microsoft internal project to help Microsoft product align with the Security Development Lifecycle (SDL).
I had done more and more research about it myself. I recently found that SDL had been developed for a really long time. Currently, it is in version 3.2 and it will be evolved to version 4 very soon.
When I looked into the MSDN article which talk about SDL at Nov 2005. It clearly capture the important point of SDL. SDL is not a silver bullet for software security, it is a process which will be updating and evolving itself to help creating more secure software at low cost (align with software development lifecycle).
After I learn more and more about SDL, I feel SDL should be follow by all software companies which are serious about developing high quality software.
