Science and the SDL at Microsoft presented at 44Con 2011

by Alex Lucas,

Summary : Microsoft actively secures its products using the Security Development Lifecycle and through a variety of proactive measures. The security threat environment continues to evolve and the role of Science Engineering is in improving our products to ensure those threats are effectively handled and that tools, techniques and guidance are built back into the SDL.
This talk aims to describe current work on the SDL, the role of Science and how we are working to actively security our products and those of the surrounding ecosystem. Topics covered include the challenges of implementing a large project from start to finish using the SDL as well as freely available tools for third-parties and end users to adopt in order to help them secure their solutions.