Chapter 5. Stage 0: Education and Awareness

In this chapter:

We are often asked why the Security Development Lifecycle (SDL) has been so successful at reducing vulnerabilities in Microsoft software. There are two very simple answers: executive support, and education and awareness. Getting Bill Gates and Steve Ballmer 100 percent committed to SDL was critical (Microsoft 2002), but nearly as critical in security work is an educated engineering workforce.

If your engineers know nothing about basic security tenets, common ...

Get Security Development Lifecycle now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.