The most important thing you can do to integrate Security into your SDLC process is to get started. It doesn't matter if you pick Microsoft's SDL, CERT's SQUARE process, Gary McGraw's Touchpoints, or NIST's SP800-64 just get started!
Jeremy Dallman has put together a series of posts using the analogy of "crawl, walk and run" in the SDL blog as a way of providing some basic starting points that would move your organization toward implementing a version of Microsoft’s Security Development Lifecycle (SDL). He has completed the Crawl and Walk posts, these posts are worth looking at if you have not started working on integrating security into your SDLC.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment