Videos about the latest Security Development Lifecycle

I know that this is not particularly news but nevertheless it could well be that the non-developers out there have not yet seen this. During TechEd EMEA for Developers we announced several things around SDL and had some speeches. Some of them are public including interviews with people like Michael Howard:

• Video on the Announcements we made
• Dave Ladd’s Blog posts about the Announcements
• Walkthrough of the latest Threat Modeling Tool we have available
• Top 10 Security Peeves (they are really good and you should look at the discussion – it is just a few minutes)
  • Think like an attacker
  • No one would ever attack this
  • That’s a solved problem
  • If we would just focus on quality
  • My app is behind a firewall
  • Giblet
  • That’s wrong
  • It’s all C’s fault
  • Unlocked Workstations
  • Airport Security

So, it is really good :)

Roger

Comments

• Anonymous
  January 01, 2003
  This week I had – again – a longer mail thread on SQL Injection attacks. Probably it caught me at the