Increase Your Microsoft SDL I.Q.
Published: March 26, 2014
Author: Ken Malcolmson, Group Manager, Microsoft Trustworthy Computing
This year is the tenth anniversary of the creation of
Microsoft’s Security Development Lifecycle. Over the last decade the technology-agnostic SDL has been refined and improved based on real-world feedback, made available free of charge for anyone to adapt and adopt in their own environment, and most recently been declared to meet or exceed the guidance published in
ISO/IEC 27034-1, the first international standard to address secure software development requirements.
About the Author
Ken Malcolmson is a group marketing communications manager in Microsoft’s Trustworthy Computing Group. Ken and his team manage marketing and communications for a range of security domains at the company, including Microsoft’s corporate security strategy; the
Microsoft Security Engineering Center, which includes the
Security Development Lifecycle and Security Science; the
Microsoft Security Intelligence Report, which provides in-depth analysis of the global threat landscape; and Microsoft’s collaborative work with governments, multinational organizations and both industry and non-profit groups to enhance security across the cyber-ecosystem.