As operating systems become more secure, attacks are evolving and moving “up the stack” into the application layer. As a result, customers are looking to the industry for security solutions and putting pressure on independent software vendors, Web services providers and original equipment manufacturers to adopt secure development practices and educate their developers on secure coding.
Microsoft created the Security Development Lifecycle (SDL) in 2004, significantly improving the security, privacy and reliability of the company’s software. Now, Microsoft is working to share what it’s learned as part of the company’s commitment to create a more trusted computing experience for everyone.
Devami
PS: Steve Lipner, senior director of security engineering strategy in Microsoft’s Trustworthy Computing Group, discusses Microsoft’s plans to share its secure development practices and tools with customers.
